General

  • Target

    836221f3e6fd7d73cb32b26ad8a24c3f041347a8f12b6347f2e4d43dc2638bcf

  • Size

    492KB

  • Sample

    221129-sgvhxadf5s

  • MD5

    a458e0ee9142b5ebb9aae318b5c6e36b

  • SHA1

    491863e6871f52ff1c8362beefad620aeff5fb99

  • SHA256

    836221f3e6fd7d73cb32b26ad8a24c3f041347a8f12b6347f2e4d43dc2638bcf

  • SHA512

    ab99ccbfe5f90605d416bf6d9c9725c54cac1185ec44f0fcb2cce1324085afb0f335a70225218d40c52b9bb05a7eafb0d3b5539d69066980ad1395446de180fb

  • SSDEEP

    12288:9kkUe4YI4e/8DAm16XF55w2ggFfnA3VR+9gdUbRRT3aZ:GkUeK8v16XD5hgZRpdcDraZ

Score
8/10

Targets

    • Target

      836221f3e6fd7d73cb32b26ad8a24c3f041347a8f12b6347f2e4d43dc2638bcf

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory
