Overview

overview

8

Static

static

8

c06951ac98...fc.dll

windows7-x64

8

c06951ac98...fc.dll

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c06951ac98e587108543cbf20046700efe80d257a5b34205622ad8bd2049adfc

  • Size

    3.7MB

  • Sample

    221129-yhnpmsde7z

  • MD5

    4668d4fcd04969101d04962e32a704fe

  • SHA1

    a5521b12c834b5c1f3bf9dd84799cb95d6c17a51

  • SHA256

    c06951ac98e587108543cbf20046700efe80d257a5b34205622ad8bd2049adfc

  • SHA512

    221ae63eac60bce41e179d1407b58a43c437803e5764a08379bd2f8b63df5ec367c3d91e1ea6f57fd0d9d85a7b64206dc229ac7efb58c4a3aa550aaee3d944ef

  • SSDEEP

    49152:Ta1PGtlqJIU6irgk0FtF8Eing5BIxCoj0QUTIwEnVPPqpGx9Tlz:+W+8HIxCoj0QUTIwkcpGx

Score
8/10
vmprotect

Malware Config

Targets

    • Target

      c06951ac98e587108543cbf20046700efe80d257a5b34205622ad8bd2049adfc

    • Size

      3.7MB

    • MD5

      4668d4fcd04969101d04962e32a704fe

    • SHA1

      a5521b12c834b5c1f3bf9dd84799cb95d6c17a51

    • SHA256

      c06951ac98e587108543cbf20046700efe80d257a5b34205622ad8bd2049adfc

    • SHA512

      221ae63eac60bce41e179d1407b58a43c437803e5764a08379bd2f8b63df5ec367c3d91e1ea6f57fd0d9d85a7b64206dc229ac7efb58c4a3aa550aaee3d944ef

    • SSDEEP

      49152:Ta1PGtlqJIU6irgk0FtF8Eing5BIxCoj0QUTIwEnVPPqpGx9Tlz:+W+8HIxCoj0QUTIwkcpGx

    Score
    8/10
    vmprotect

    • Blocklisted process makes network request

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks