804c907fc99134e018d6fcb4371b65826633c0184f8976fe4a24d19803203d78 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

804c907fc9...78.exe

windows7-x64

8

804c907fc9...78.exe

windows10-2004-x64

8

Sharing

General

Target

804c907fc99134e018d6fcb4371b65826633c0184f8976fe4a24d19803203d78
Size

400KB
Sample

221129-hwx78sff93
MD5

ea48a9ca64f7418365b9604aa7a97aeb
SHA1

795340a02494d3ff0406e5139fa4027189912676
SHA256

804c907fc99134e018d6fcb4371b65826633c0184f8976fe4a24d19803203d78
SHA512

e04b7eb4e10bdf4f8babbae1439f6a78e6e8721bb7c47301eafe1a5e410abdf8bf604aa89db53409eba2a76bacd6f636a77169e15f4b73106eadaa3cee00f7ac
SSDEEP

6144:HJqr5L3BT9qj8tfRlIgVVu+z1J+x3DdHO2kju9m8nlm96+igw:HJ03BBFdXrj53+ZRHOvjumclnxB

Score

8^/10

evasion trojan vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

804c907fc99134e018d6fcb4371b65826633c0184f8976fe4a24d19803203d78.exe

Resource

win7-20220812-en

evasion trojan vmprotect

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

804c907fc99134e018d6fcb4371b65826633c0184f8976fe4a24d19803203d78.exe

Resource

win10v2004-20220812-en

evasion trojan vmprotect

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  804c907fc99134e018d6fcb4371b65826633c0184f8976fe4a24d19803203d78
- Size
  
  400KB
- MD5
  
  ea48a9ca64f7418365b9604aa7a97aeb
- SHA1
  
  795340a02494d3ff0406e5139fa4027189912676
- SHA256
  
  804c907fc99134e018d6fcb4371b65826633c0184f8976fe4a24d19803203d78
- SHA512
  
  e04b7eb4e10bdf4f8babbae1439f6a78e6e8721bb7c47301eafe1a5e410abdf8bf604aa89db53409eba2a76bacd6f636a77169e15f4b73106eadaa3cee00f7ac
- SSDEEP
  
  6144:HJqr5L3BT9qj8tfRlIgVVu+z1J+x3DdHO2kju9m8nlm96+igw:HJ03BBFdXrj53+ZRHOvjumclnxB
Score

8^/10

evasion trojan vmprotect
- Drops file in Drivers directory
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Checks whether UAC is enabled
  evasion trojan
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasiontrojanvmprotect

behavioral2

evasiontrojanvmprotect

© 2018-2024

Terms | Privacy