Overview

overview

8

Static

static

8

94fa933f4c...a8.exe

windows7-x64

8

94fa933f4c...a8.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    94fa933f4c0792d21c4665b9a7b16f541ec62aeb3d159f781b816f5dda2d85a8

  • Size

    1.2MB

  • Sample

    221129-kp6l5sdc89

  • MD5

    af6dcf895fc18a023c642633a1531a8a

  • SHA1

    2bc0e689d21409dd17aaa20a33c165f1751d894a

  • SHA256

    94fa933f4c0792d21c4665b9a7b16f541ec62aeb3d159f781b816f5dda2d85a8

  • SHA512

    f8504e5b894f7c0f71d057c95b75449404917e24de08e6618fb967543b981abb99d63c59140121a4bdecc0cb2ca6b827a8954a9ecae47722355c5b9b316d8f8e

  • SSDEEP

    24576:PtHFWqccyMnA4AzqUHWjQrW0ftmLtLHFbAH37kJI46mD9h+daMNv5Evc:PtHFi7zqUHWUHVmLxVW37WxpDBMNv5Ek

Score
8/10
upxvmprotect

Malware Config

Targets

    • Target

      94fa933f4c0792d21c4665b9a7b16f541ec62aeb3d159f781b816f5dda2d85a8

    • Size

      1.2MB

    • MD5

      af6dcf895fc18a023c642633a1531a8a

    • SHA1

      2bc0e689d21409dd17aaa20a33c165f1751d894a

    • SHA256

      94fa933f4c0792d21c4665b9a7b16f541ec62aeb3d159f781b816f5dda2d85a8

    • SHA512

      f8504e5b894f7c0f71d057c95b75449404917e24de08e6618fb967543b981abb99d63c59140121a4bdecc0cb2ca6b827a8954a9ecae47722355c5b9b316d8f8e

    • SSDEEP

      24576:PtHFWqccyMnA4AzqUHWjQrW0ftmLtLHFbAH37kJI46mD9h+daMNv5Evc:PtHFi7zqUHWUHVmLxVW37WxpDBMNv5Ek

    Score
    8/10
    upxvmprotect

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks