984317557ff8dabe4f9b831adb0e5a964c69b9d0cbeeabac2450f7b76b89f18d | Triage

Submit
Reports

Overview

overview

Static

static

8

984317557f...8d.exe

windows7-x64

984317557f...8d.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

984317557ff8dabe4f9b831adb0e5a964c69b9d0cbeeabac2450f7b76b89f18d
Size

168KB
Sample

221201-zhxg8adb2v
MD5

35e6c1bd71713b3f8864ef31ad3aa783
SHA1

908084f971e91c158a1f0b99b481c2afc0e7f15c
SHA256

984317557ff8dabe4f9b831adb0e5a964c69b9d0cbeeabac2450f7b76b89f18d
SHA512

4d18c86f581ad634f045bc6852cc2a65440c3fb62ac7eb6d77b4de91039d4142210ab0aacd87f0c1b68dced8daf16c0ec10d1d10e385650c860eee7394f43631
SSDEEP

3072:kgUxT0GrZD0jbbpu4S5xxoysqDv2DI+NPB2+lf4HbEE6KWQNmSF:kJxT0iZojbbpuh5xxokDabNI+pnI

Score

10^/10

evasion trojan vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

984317557ff8dabe4f9b831adb0e5a964c69b9d0cbeeabac2450f7b76b89f18d.exe

Resource

win7-20220812-en

evasion trojan vmprotect

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

984317557ff8dabe4f9b831adb0e5a964c69b9d0cbeeabac2450f7b76b89f18d.exe

Resource

win10v2004-20221111-en

evasion trojan vmprotect

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  984317557ff8dabe4f9b831adb0e5a964c69b9d0cbeeabac2450f7b76b89f18d
- Size
  
  168KB
- MD5
  
  35e6c1bd71713b3f8864ef31ad3aa783
- SHA1
  
  908084f971e91c158a1f0b99b481c2afc0e7f15c
- SHA256
  
  984317557ff8dabe4f9b831adb0e5a964c69b9d0cbeeabac2450f7b76b89f18d
- SHA512
  
  4d18c86f581ad634f045bc6852cc2a65440c3fb62ac7eb6d77b4de91039d4142210ab0aacd87f0c1b68dced8daf16c0ec10d1d10e385650c860eee7394f43631
- SSDEEP
  
  3072:kgUxT0GrZD0jbbpu4S5xxoysqDv2DI+NPB2+lf4HbEE6KWQNmSF:kJxT0iZojbbpuh5xxokDabNI+pnI
Score

10^/10

evasion trojan vmprotect
- UAC bypass
  evasion trojan
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasiontrojanvmprotect

behavioral2

evasiontrojanvmprotect

© 2018-2025

Terms | Privacy