Overview

overview

8

Static

static

8

7d00f843ff...35.exe

windows7-x64

8

7d00f843ff...35.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7d00f843ff9bee3803b1cc225bef580ac9b8df7c4f9b29fe8fcf1d2e2e778635

  • Size

    952KB

  • Sample

    221126-zjtsqada63

  • MD5

    c8ccf573777e326b680e4f60614c5f64

  • SHA1

    d956e1efc8adbda8cb98329f448962f7d5ae91e3

  • SHA256

    7d00f843ff9bee3803b1cc225bef580ac9b8df7c4f9b29fe8fcf1d2e2e778635

  • SHA512

    b142a2e94381ce14a4cfd322eb8b5c51253a551e7392417f731eb018775754b2ed1f81f676634ced17d621a69e3b41c3a90efc97cd1d8dd3654e132d5e7605e4

  • SSDEEP

    12288:lCsChjAZx3bfwVIEjVDwJubINFgqXkvljRnYkxQ/vtbmIbllCVyDDQAamhbW:lrXyjBwJubINFgq+Rnc1bTblMVs7hq

Score
8/10
vmprotect

Malware Config

Targets

    • Target

      7d00f843ff9bee3803b1cc225bef580ac9b8df7c4f9b29fe8fcf1d2e2e778635

    • Size

      952KB

    • MD5

      c8ccf573777e326b680e4f60614c5f64

    • SHA1

      d956e1efc8adbda8cb98329f448962f7d5ae91e3

    • SHA256

      7d00f843ff9bee3803b1cc225bef580ac9b8df7c4f9b29fe8fcf1d2e2e778635

    • SHA512

      b142a2e94381ce14a4cfd322eb8b5c51253a551e7392417f731eb018775754b2ed1f81f676634ced17d621a69e3b41c3a90efc97cd1d8dd3654e132d5e7605e4

    • SSDEEP

      12288:lCsChjAZx3bfwVIEjVDwJubINFgqXkvljRnYkxQ/vtbmIbllCVyDDQAamhbW:lrXyjBwJubINFgq+Rnc1bTblMVs7hq

    Score
    8/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks