9ef5d445226e34dedc82b6b0d708bfd40d1c191072f4dc1840f537d56b962165 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

9ef5d44522...65.exe

windows7-x64

8

9ef5d44522...65.exe

windows10-2004-x64

8

Sharing

General

Target

9ef5d445226e34dedc82b6b0d708bfd40d1c191072f4dc1840f537d56b962165
Size

1.3MB
Sample

221127-d34ldabb3t
MD5

4d528c349a52e5e6c2895232b7aa6e2d
SHA1

e948bb66219631d078d556c25442364129312044
SHA256

9ef5d445226e34dedc82b6b0d708bfd40d1c191072f4dc1840f537d56b962165
SHA512

e95f44f81701275b8c2a60b6980522c5ccd8d1c5f7724019f33780735cdaafae8dc6a87d5e8a03b2bbeab0b2ea7e0ba38271b07550d7162b2c0a9fe1b128e5c7
SSDEEP

24576:YUU3jIP9B0ua2tdRUV5G0329TqgszJLZ5TGpszIokcF0K+QjX:cQ0x2tdmXgqgszJLbTMqhtF0PQ

Score

8^/10

persistence vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9ef5d445226e34dedc82b6b0d708bfd40d1c191072f4dc1840f537d56b962165.exe

Resource

win7-20221111-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

9ef5d445226e34dedc82b6b0d708bfd40d1c191072f4dc1840f537d56b962165.exe

Resource

win10v2004-20220812-en

persistence vmprotect

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  9ef5d445226e34dedc82b6b0d708bfd40d1c191072f4dc1840f537d56b962165
- Size
  
  1.3MB
- MD5
  
  4d528c349a52e5e6c2895232b7aa6e2d
- SHA1
  
  e948bb66219631d078d556c25442364129312044
- SHA256
  
  9ef5d445226e34dedc82b6b0d708bfd40d1c191072f4dc1840f537d56b962165
- SHA512
  
  e95f44f81701275b8c2a60b6980522c5ccd8d1c5f7724019f33780735cdaafae8dc6a87d5e8a03b2bbeab0b2ea7e0ba38271b07550d7162b2c0a9fe1b128e5c7
- SSDEEP
  
  24576:YUU3jIP9B0ua2tdRUV5G0329TqgszJLZ5TGpszIokcF0K+QjX:cQ0x2tdmXgqgszJLbTMqhtF0PQ
Score

8^/10

vmprotect persistence
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

persistencevmprotect

© 2018-2024

Terms | Privacy