Overview

overview

8

Static

static

8

6e319dc10f...6c.exe

windows7-x64

8

6e319dc10f...6c.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6e319dc10f3b79842c936c8bfc66a3c8b3db17c950186af569429c445ea6db6c

  • Size

    1.8MB

  • Sample

    221129-jyts9sea5x

  • MD5

    78441f991293b8d65f3b68bc1539d582

  • SHA1

    8ce1e5dfff6cb3e003bab58319cde8de8c720469

  • SHA256

    6e319dc10f3b79842c936c8bfc66a3c8b3db17c950186af569429c445ea6db6c

  • SHA512

    156a47740901b1df797684a5575d2a1806cd9acacfc92105bbf5db887d4402052f1a5728937e45bd4bb78a240fc749e60b820b6e349ce1b64c42a62e2f0b44e5

  • SSDEEP

    49152:oTomOgdQjNHREmE7A9D5l8O1U96I89WiG:oTCpumEOtxg6IUWi

Score
8/10
vmprotect

Malware Config

Targets

    • Target

      6e319dc10f3b79842c936c8bfc66a3c8b3db17c950186af569429c445ea6db6c

    • Size

      1.8MB

    • MD5

      78441f991293b8d65f3b68bc1539d582

    • SHA1

      8ce1e5dfff6cb3e003bab58319cde8de8c720469

    • SHA256

      6e319dc10f3b79842c936c8bfc66a3c8b3db17c950186af569429c445ea6db6c

    • SHA512

      156a47740901b1df797684a5575d2a1806cd9acacfc92105bbf5db887d4402052f1a5728937e45bd4bb78a240fc749e60b820b6e349ce1b64c42a62e2f0b44e5

    • SSDEEP

      49152:oTomOgdQjNHREmE7A9D5l8O1U96I89WiG:oTCpumEOtxg6IUWi

    Score
    8/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks