7513ea6906f4fb5f683043ce3f55ddcd831f67b2a696e571b00d094ff1895d6c | Triage

Submit
Reports

Overview

overview

8

Static

static

8

7513ea6906...6c.exe

windows7-x64

8

7513ea6906...6c.exe

windows10-2004-x64

8

Sharing

General

Target

7513ea6906f4fb5f683043ce3f55ddcd831f67b2a696e571b00d094ff1895d6c
Size

772KB
Sample

221129-jksztahg73
MD5

8963d382ec419fce86cef57bf08644f1
SHA1

6f75708d89f91a3cf3575204384580a815b03235
SHA256

7513ea6906f4fb5f683043ce3f55ddcd831f67b2a696e571b00d094ff1895d6c
SHA512

8fd640f65e0aded8ee6cbcc18afade5380c6df0ff74bd654ee64bd38a224531bc8f4b33cce151b3e0cac9237d5f82f93be2c4174fdae396dcb5ea6056466e7d4
SSDEEP

24576:fpaEjM2031svqok7pG8LkqSNncR2aHo7OLW:QEI3kdePrwcQG

Score

8^/10

persistence vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

7513ea6906f4fb5f683043ce3f55ddcd831f67b2a696e571b00d094ff1895d6c.exe

Resource

win7-20220812-en

persistence vmprotect

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

7513ea6906f4fb5f683043ce3f55ddcd831f67b2a696e571b00d094ff1895d6c.exe

Resource

win10v2004-20220812-en

persistence vmprotect

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  7513ea6906f4fb5f683043ce3f55ddcd831f67b2a696e571b00d094ff1895d6c
- Size
  
  772KB
- MD5
  
  8963d382ec419fce86cef57bf08644f1
- SHA1
  
  6f75708d89f91a3cf3575204384580a815b03235
- SHA256
  
  7513ea6906f4fb5f683043ce3f55ddcd831f67b2a696e571b00d094ff1895d6c
- SHA512
  
  8fd640f65e0aded8ee6cbcc18afade5380c6df0ff74bd654ee64bd38a224531bc8f4b33cce151b3e0cac9237d5f82f93be2c4174fdae396dcb5ea6056466e7d4
- SSDEEP
  
  24576:fpaEjM2031svqok7pG8LkqSNncR2aHo7OLW:QEI3kdePrwcQG
Score

8^/10

persistence vmprotect
- Executes dropped EXE
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencevmprotect

behavioral2

persistencevmprotect

© 2018-2024

Terms | Privacy