6e5f8e88e79ba41e31c47a8206a6faa432b10ae1ed829d4d47e4217b19e40652 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

6e5f8e88e7...52.dll

windows7-x64

8

6e5f8e88e7...52.dll

windows10-2004-x64

8

Sharing

General

Target

6e5f8e88e79ba41e31c47a8206a6faa432b10ae1ed829d4d47e4217b19e40652
Size

788KB
Sample

221203-cmsnhaaa2v
MD5

d86ec7251d371878ba6ff9c4dcd97bf0
SHA1

66f0edc0e2a0e6d5c8fbd2e42b5e294df1f0ff15
SHA256

6e5f8e88e79ba41e31c47a8206a6faa432b10ae1ed829d4d47e4217b19e40652
SHA512

45205e0a04f10de04370e9c8f392ce7d9db15cb7bec5837de8705065a841db91d0daff3ab93eb8d55caa6e26fe493f622e6f3c661e951d9a4ff7d3524e689478
SSDEEP

24576:8ChFkESgPcPK/99vO9JhOFEqAj8Jh+9pObjEp:8CjkGZ/99vYhOFEpiY9pObja

Score

8^/10

vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

6e5f8e88e79ba41e31c47a8206a6faa432b10ae1ed829d4d47e4217b19e40652.dll

Resource

win7-20220812-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

6e5f8e88e79ba41e31c47a8206a6faa432b10ae1ed829d4d47e4217b19e40652.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  6e5f8e88e79ba41e31c47a8206a6faa432b10ae1ed829d4d47e4217b19e40652
- Size
  
  788KB
- MD5
  
  d86ec7251d371878ba6ff9c4dcd97bf0
- SHA1
  
  66f0edc0e2a0e6d5c8fbd2e42b5e294df1f0ff15
- SHA256
  
  6e5f8e88e79ba41e31c47a8206a6faa432b10ae1ed829d4d47e4217b19e40652
- SHA512
  
  45205e0a04f10de04370e9c8f392ce7d9db15cb7bec5837de8705065a841db91d0daff3ab93eb8d55caa6e26fe493f622e6f3c661e951d9a4ff7d3524e689478
- SSDEEP
  
  24576:8ChFkESgPcPK/99vO9JhOFEqAj8Jh+9pObjEp:8CjkGZ/99vYhOFEpiY9pObja
Score

8^/10

vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy