676776431fd9c95d10ffc1744598eb2ca0c63f372b9b5d005d704ed7c0880914

Sharing

Copy URL

Twitter E-mail

General

Target

676776431fd9c95d10ffc1744598eb2ca0c63f372b9b5d005d704ed7c0880914
Size

342KB
Sample

221127-xepbbsec61
MD5

9311b609782cb1ca1888797121883e8a
SHA1

7f13dcc464264b8173d9a606cb696e79173dcaed
SHA256

676776431fd9c95d10ffc1744598eb2ca0c63f372b9b5d005d704ed7c0880914
SHA512

809d158b64832ba6c8baccd5e0a458b37f0358a9999f6be39a5323abcd7512222d322ef450d7c9d11969a8fdb05fb1e3d41a509a6ea0bde4c9ed983a53c4adde
SSDEEP

6144:3rUxT5Y/SRitAdoyPvpuSlQcwfhUbSzPNfGVWP2mUEC3cS3n:3rUxT5GS0tAd5uSlQVhUkfoEC3Jn

Score

8^/10

vmprotect

Malware Config

Targets

- Target
  
  CCC/aspRwWithJMail.ccc
- Size
  
  668B
- MD5
  
  a6d6cbfa2ead1d0e8a6735aa49b963ff
- SHA1
  
  4ab46b9d97521d870d204bd5d2e6feb11f88138b
- SHA256
  
  9548e6bfa3f499e912ec687030cb40b88e12671191457a5c3746815b2ce548fc
- SHA512
  
  d929c2a163c98b351f2ff6a2043a1356c3ec235a702888dc5aa80afeef1af81a8daf5c1a7f3113817b80ee2510ab777507c0bec2514f982c4898041b38929319
Score

1^/10
behavioral1 behavioral2
- Target
  
  CCC/aspSpy.ccc
- Size
  
  5KB
- MD5
  
  be207c46105c38571ae958ae2da47297
- SHA1
  
  a17a16159b71739d8557ba3d612dac2ee0b9d143
- SHA256
  
  379d9193a223e44cd58489177ae569e5314be0a6a39e559883ca3eebc73a2d43
- SHA512
  
  708edb75e515487129aef271b783d24728f1e79aaca024170766162f65aeef8a6df5af18c552f01650043f0f38141da5c227b48478bf114e283a55e5ffe73611
- SSDEEP
  
  96:R6A8eMvG9rHPnaJAm5iUHSMs9vK/qfg0ypd2ZpHlLkKaiecUereqIgep3Dmvt4+N:kzvx0vvI0y4JJkHinUisgB9
Score

1^/10
behavioral3 behavioral4
- Target
  
  CCC/aspx.ccc
- Size
  
  564B
- MD5
  
  cc07ac4caef188334fc330f62e0a574a
- SHA1
  
  51b24241668fffa49bcf07afa116b38ea7fe3105
- SHA256
  
  47be59faf05c06d8a00a76fe533d0bc71a29d267750d6415aa21b5d82dcb0d4f
- SHA512
  
  b2abbcd79ed6ef27979293a423fd4a4b5fcddcc7956185aae4f150d257fed2fb995ec526062948c664125a41fea16a05873659f6c1748d7feff4e83ce62beb55
Score

1^/10
behavioral5 behavioral6
- Target
  
  CCC/phpSpy.ccc
- Size
  
  148KB
- MD5
  
  ce1a9fc93040d5c94f789b579fe1c106
- SHA1
  
  5e1fe6cad5a4523a463f760ab38dbb18db6ce669
- SHA256
  
  d21797e95b0003d5f1b41a155cced54a45cd22eec3f997e867c11f6173ee7337
- SHA512
  
  dcf8efeccfcd222b996a238b70562a54f27b1231bd283075156d1013aa744cf78f2fe847a3d119d49e73e5a4bfacb9c10bf5b93ecc500ba976985771d7e106f9
- SSDEEP
  
  3072:y8rNsBNX8uFxv6pXoz7LXt20Nav0CutfwImM/9g2B3WYGpSuugeZzbWutPWaBAGK:jkj9BE
Score

1^/10
behavioral7 behavioral8
- Target
  
  Customize/Customize.cfm
- Size
  
  3KB
- MD5
  
  ad8288227240477a95fb023551773c84
- SHA1
  
  1f8cae9d0ac976c991ac2588f14f4b793df382bb
- SHA256
  
  44c1c5c92771c0384182f72e9866d5fed4fda896d90c931fe8de363ed81106cf
- SHA512
  
  fbe0ef988cdd219000a55d158d291d09f9d48258e50d3ff503acd8480940aa3c2b73004da1d04cf301ee4a2eb721552017abf023f11936b74d94fc33b145890f
Score

1^/10
behavioral10 behavioral9
- Target
  
  caidao.exe
- Size
  
  684KB
- MD5
  
  7cd5b85045f9da3f0211c1b5f4e88bc6
- SHA1
  
  ea6c08ae2b56b70d04a2083ab974b834fff00a06
- SHA256
  
  fe596c9a614fa48a6c740f595a245878a1c0710c4205272c02e4325283f57481
- SHA512
  
  2aa8cda8c37d074ed53c8e0ce06f0230efdea295b9a42f7a33de7feb6be4843accbdef9ac737780fb32cb840b576ffe16729c45be2746951f69c45fb6a2b75f2
- SSDEEP
  
  12288:SOQHGMEAAb7O718w6wKk4gKN3BAdMdLmpoMunR:SOQHGvAG7OOw6wFdMdI8nR
Score

8^/10

vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral11 behavioral12
- Target
  
  db.tmp
- Size
  
  101KB
- MD5
  
  bcda36d95b2500908993f446f174f0e4
- SHA1
  
  ea35726df90010fb86e86c57c6c9267304df759c
- SHA256
  
  ef17c3fe7f1dbd32436937f68a7b1a3ba0e8c3e85e0ae2441adc4b9bf09fc4e0
- SHA512
  
  446116a9261be0518b01450d35e9c66cd46f6d38f9552d45aaa34218aea1b70e17c2f11459a0b584fbf5956fffc0acebec6b9dcf06215660c2eefd9aba0e1478
- SSDEEP
  
  3072:9nJV8z7bcC52M0fHwYvp865IsgFmT9TP4j:zV8ncCkFfZp86+gC
Score

8^/10

vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral13 behavioral14
- Target
  
  readme.txt
- Size
  
  9KB
- MD5
  
  006fed02ff27849fca161c2ba2402d88
- SHA1
  
  68e00cf33a4d2d587002d876c29509b28a0119fe
- SHA256
  
  7441019669cc1c043cc380cbebd24274eb5c16645c6d1ba983966b1e6492f7b2
- SHA512
  
  9f1b2f30c8c9720ecf7af78ee4cac7a3d630c07be18841c8bff9a74db37bf30695fe4981a28a9184fc7e29a9649e2821e0efba354cdac6400deb42d46004798b
- SSDEEP
  
  192:OsAGume8kuhW1HBQnJEw5az8WtczVFA8fJej1n1ZPKGtU7Sw7U9C8+x0lc:OsAGume8kcCBQnJtaz8UczVJejnZPKn5
Score

1^/10
behavioral15 behavioral16

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Targets

VMProtect packed file

VMProtect packed file

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16