General

  • Target

    4807e30569af6120a9b02a62d72405594d93a91cd949d91cb88f32e03daa73bd

  • Size

    7.7MB

  • Sample

    221127-p6lqhshf22

  • MD5

    e2d515c9a1e5947fd1bb6956c72d2686

  • SHA1

    f33094a87f993b7468d4b5cffe7e69fe504802cd

  • SHA256

    4807e30569af6120a9b02a62d72405594d93a91cd949d91cb88f32e03daa73bd

  • SHA512

    98265243feabe117d66dcebe60d4ec42a307510a0cbe5583ecbfd39d9e0eaee601d3e0bc5930e97dc321fb42e548fdcb7f3f9c8038e56cc3b436d3ebc93893d1

  • SSDEEP

    196608:5zy3ze3RkR7e/8h2CJ268q5cxO753RuWuAJhLVhoDqUtXezc5t:4zERuS/8kCJKq5Z53RuYfMqUtOzc5t

Score
8/10

Malware Config

Targets

    • Target

      WXCltAidEx.exe

    • Size

      3.7MB

    • MD5

      ed0ee4fc304cd842c9f6195a9c7116e4

    • SHA1

      dddd35673a71deb7d2f379605b80ef02a94301cf

    • SHA256

      103fb59fd4123c61cba74ce0a1bd9488f2b99bcc2eb3dbec82241753b0496701

    • SHA512

      f390c6d6784e22bebbe585326af7dbe1bc3a5ce852c9a84fc3284bbfefde6f4fe199b1bd07792c3b3436822b333687ae9a675c6ce80d475dfab0b24b2e0b1a28

    • SSDEEP

      98304:6P/kTUx5T1TaGjY/V9m5qoU8xbWvsvujvrZBlZ:6P/k4x5Z7m9iqoU8xblujvVZ

    Score
    8/10
    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Target

      clsmn.exe

    • Size

      4.2MB

    • MD5

      bf41cab069505d410fdf1f1bb2207498

    • SHA1

      d690c276d0d5e9ec2f4863ced7950b59c4a9d2ed

    • SHA256

      4ba8e7eab5f3e64d2f7a9bdfc0be267d666da15616461b99175978d370eb338b

    • SHA512

      5a335e51305713b35607359cbe844174a536d5707b40a6bcfcc69953cf8ee845d1d877fcd5a52989b17697b50f66b52956ed25d01174583e683d8deef177bca1

    • SSDEEP

      98304:cDbDg7bIMBU9F9UwCtYcXobicvIiaoeqsdrptf8:s83BU97UwMrcPeqsBf8

    Score
    8/10
    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.
