b1842c239be6a6a317fc39842678e6efc1802ada1be22a1961702a2afa6cfb1c | Triage

Submit
Reports

Overview

overview

8

Static

static

8

HWID.exe

windows7-x64

8

HWID.exe

windows10-2004-x64

8

Sharing

General

Target

b1842c239be6a6a317fc39842678e6efc1802ada1be22a1961702a2afa6cfb1c
Size

1.7MB
Sample

221127-fpwdysbd55
MD5

6b4d8286e91d78be5c80a2f50dffa6ae
SHA1

50bdefcd4ae8983e4c01483d67f1b3a1c25f3401
SHA256

b1842c239be6a6a317fc39842678e6efc1802ada1be22a1961702a2afa6cfb1c
SHA512

e55597fc0c59fc6b39b4bf2f754132e91135767a29833160d1ee555957ecc7257781e1573dc778a6aa10967dee0491eb6ac546b2513236daf8ac7dd1c9f27a90
SSDEEP

49152:H4/bxF2wTOY8THPBjx6mJ5lEfd7Pztj+FGVPTFK5EJ:H4/3Tgtjx6mXlE5Pz5ik

Score

8^/10

vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

HWID.exe

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

HWID.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  HWID.exe
- Size
  
  1.7MB
- MD5
  
  17109008c1e8ac39762025d04f0e861c
- SHA1
  
  5af543b835451a29d05906dfdf7c76b57f47f026
- SHA256
  
  316a0cb2effdbfef9011c7bd9b705d3e1b0bc5bffa3c96523ea2091404dde490
- SHA512
  
  5342c85a1f06450f788f1d6f575ed0f40f032b16844b64d7d9e3285409ea652926ebc3a478675f7c0bef4be580593a187126f25f0909d5efc5c4c8972eb1aa8f
- SSDEEP
  
  49152:k8PIdLAZ3MenOw+1U8XetdtJriw/9kLqoHl:hId+8YG1V0tJriuCZl
Score

8^/10

vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy