4807e30569af6120a9b02a62d72405594d93a91cd949d91cb88f32e03daa73bd | Triage

Submit
Reports

Overview

overview

8

Static

static

8

WXCltAidEx.exe

windows7-x64

8

WXCltAidEx.exe

windows10-2004-x64

8

clsmn.exe

windows7-x64

8

clsmn.exe

windows10-2004-x64

8

Sharing

General

Target

4807e30569af6120a9b02a62d72405594d93a91cd949d91cb88f32e03daa73bd
Size

7.7MB
Sample

221127-p6lqhshf22
MD5

e2d515c9a1e5947fd1bb6956c72d2686
SHA1

f33094a87f993b7468d4b5cffe7e69fe504802cd
SHA256

4807e30569af6120a9b02a62d72405594d93a91cd949d91cb88f32e03daa73bd
SHA512

98265243feabe117d66dcebe60d4ec42a307510a0cbe5583ecbfd39d9e0eaee601d3e0bc5930e97dc321fb42e548fdcb7f3f9c8038e56cc3b436d3ebc93893d1
SSDEEP

196608:5zy3ze3RkR7e/8h2CJ268q5cxO753RuWuAJhLVhoDqUtXezc5t:4zERuS/8kCJKq5Z53RuYfMqUtOzc5t

Score

8^/10

vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

WXCltAidEx.exe

Resource

win7-20220901-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

WXCltAidEx.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

clsmn.exe

Resource

win7-20221111-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

clsmn.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Targets

- Target
  
  WXCltAidEx.exe
- Size
  
  3.7MB
- MD5
  
  ed0ee4fc304cd842c9f6195a9c7116e4
- SHA1
  
  dddd35673a71deb7d2f379605b80ef02a94301cf
- SHA256
  
  103fb59fd4123c61cba74ce0a1bd9488f2b99bcc2eb3dbec82241753b0496701
- SHA512
  
  f390c6d6784e22bebbe585326af7dbe1bc3a5ce852c9a84fc3284bbfefde6f4fe199b1bd07792c3b3436822b333687ae9a675c6ce80d475dfab0b24b2e0b1a28
- SSDEEP
  
  98304:6P/kTUx5T1TaGjY/V9m5qoU8xbWvsvujvrZBlZ:6P/k4x5Z7m9iqoU8xblujvVZ
Score

8^/10

vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2
- Target
  
  clsmn.exe
- Size
  
  4.2MB
- MD5
  
  bf41cab069505d410fdf1f1bb2207498
- SHA1
  
  d690c276d0d5e9ec2f4863ced7950b59c4a9d2ed
- SHA256
  
  4ba8e7eab5f3e64d2f7a9bdfc0be267d666da15616461b99175978d370eb338b
- SHA512
  
  5a335e51305713b35607359cbe844174a536d5707b40a6bcfcc69953cf8ee845d1d877fcd5a52989b17697b50f66b52956ed25d01174583e683d8deef177bca1
- SSDEEP
  
  98304:cDbDg7bIMBU9F9UwCtYcXobicvIiaoeqsdrptf8:s83BU97UwMrcPeqsBf8
Score

8^/10

vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral3 behavioral4

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

© 2018-2024

Terms | Privacy