81836f9ecd208c11d37b5cbda9e70263a56d0cca4b539d6bfc128103bab1ea52 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

81836f9ecd...52.exe

windows7-x64

8

81836f9ecd...52.exe

windows10-2004-x64

8

Sharing

General

Target

81836f9ecd208c11d37b5cbda9e70263a56d0cca4b539d6bfc128103bab1ea52
Size

426KB
Sample

221129-hq51wsfc27
MD5

4c60f145b1f849f1c31d4948280735a4
SHA1

98e77cb1a0df22fee30bdc755a255585cee7be8f
SHA256

81836f9ecd208c11d37b5cbda9e70263a56d0cca4b539d6bfc128103bab1ea52
SHA512

33a0a65b0e9537051205a2088bc44323b549afb240534d0319a50c4874bd8d73fed13cf1f5cf592ce952d1b256b4ea40f1a97e63ae00cb0cf24c978c7f13db03
SSDEEP

6144:aw1R8uK7CWmhvAXtAiKkgsaGZ7m/kJKr53+LZRL+9adg5gN+p5J7eEw3/tno:2HA5VGlGnwXC8+5pLeEg/tno

Score

8^/10

evasion trojan vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

81836f9ecd208c11d37b5cbda9e70263a56d0cca4b539d6bfc128103bab1ea52.exe

Resource

win7-20221111-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

81836f9ecd208c11d37b5cbda9e70263a56d0cca4b539d6bfc128103bab1ea52.exe

Resource

win10v2004-20221111-en

evasion trojan vmprotect

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  81836f9ecd208c11d37b5cbda9e70263a56d0cca4b539d6bfc128103bab1ea52
- Size
  
  426KB
- MD5
  
  4c60f145b1f849f1c31d4948280735a4
- SHA1
  
  98e77cb1a0df22fee30bdc755a255585cee7be8f
- SHA256
  
  81836f9ecd208c11d37b5cbda9e70263a56d0cca4b539d6bfc128103bab1ea52
- SHA512
  
  33a0a65b0e9537051205a2088bc44323b549afb240534d0319a50c4874bd8d73fed13cf1f5cf592ce952d1b256b4ea40f1a97e63ae00cb0cf24c978c7f13db03
- SSDEEP
  
  6144:aw1R8uK7CWmhvAXtAiKkgsaGZ7m/kJKr53+LZRL+9adg5gN+p5J7eEw3/tno:2HA5VGlGnwXC8+5pLeEg/tno
Score

8^/10

vmprotect evasion trojan
- Drops file in Drivers directory
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Checks whether UAC is enabled
  evasion trojan
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

evasiontrojanvmprotect

© 2018-2024

Terms | Privacy