Overview

overview

8

Static

static

8

会员终�....8.exe

windows7-x64

8

会员终�....8.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f69648b1c0763d5eadac5b03e71e38ceab2ba6da9a3c8e38c216239025192c4a

  • Size

    1.2MB

  • Sample

    221126-2wz7daeg9w

  • MD5

    6ad42861a5085ec0a801f729c299f978

  • SHA1

    64e18a79968e84713f46e863cdd12ebddbacdf64

  • SHA256

    f69648b1c0763d5eadac5b03e71e38ceab2ba6da9a3c8e38c216239025192c4a

  • SHA512

    4834c6ad45885b67202fac6801aa6a28dae7144aba84f2952a083d8574634582c7aee36fc5e65754e97de8417da55f8f544e05cd2c794844ccd84d411294e6c7

  • SSDEEP

    24576:POfREXmTPDcocsaE+f9b01IWIsAF8AAX2/j5NLL/dPwHORksT/DRuJs6LX7Y5w:mfyXmLcGaxf9b01Ih7HAcLLvTHK

Score
8/10
vmprotect

Malware Config

Targets

    • Target

      会员终结者3.8.exe

    • Size

      1.3MB

    • MD5

      c308423474f15a521a02e8f8213ba459

    • SHA1

      49c9735a32ce2c3e1e4c7a99e5110f94d0b1a3fd

    • SHA256

      3514ebc94c64e6faf1da7c91df9b4d7695bd7717eb34eabde4ee96157abcf4d7

    • SHA512

      14ab8fd0e4efc50b1e9b6b8bc9954c3cbeb6eaa37da11c433d73e7a9af162c3e6ec7429d3edf2235a6debac229a7c5c9e930a69c6f0c133646fe5da26b573d59

    • SSDEEP

      24576:E7wnMrzYmRa8tH9Vo8QBTQ+WY590c0aRH8fFkj1vzDDST:E3YOtZE+YMaRcfi9O

    Score
    8/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Install Root Certificate

1
T1130

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks