ddc80fa32436daf578d44314f43e7aa5aa11e53c1c002780579d1ee1e2c85426 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

ddc80fa324...26.dll

windows7-x64

8

ddc80fa324...26.dll

windows10-2004-x64

8

Sharing

General

Target

ddc80fa32436daf578d44314f43e7aa5aa11e53c1c002780579d1ee1e2c85426
Size

178KB
Sample

221203-y292zsfg9w
MD5

215193140795e86cf7cf538bbe935188
SHA1

a4e240d63976a940e5aa6da6cd5eca41967af8dd
SHA256

ddc80fa32436daf578d44314f43e7aa5aa11e53c1c002780579d1ee1e2c85426
SHA512

d3399b0901f9e7cd34316aaad0db605ed6c1e9d607b68bedb7f2b60e4d3b875e54d311a6f25dce42a375758572fe1ffddb97aaae94d2ff2828712c41b4348fb9
SSDEEP

3072:iRbvvVszkyf+H8M6JMnY/YpBi9teVjw2x7iCEujjvsYFRg/L5HyfIetstITqYsCn:CbvvVsQO+cMuugYni+VviC7jvFc/LIft

Score

8^/10

persistence vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ddc80fa32436daf578d44314f43e7aa5aa11e53c1c002780579d1ee1e2c85426.dll

Resource

win7-20221111-en

persistence vmprotect

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

ddc80fa32436daf578d44314f43e7aa5aa11e53c1c002780579d1ee1e2c85426.dll

Resource

win10v2004-20221111-en

persistence vmprotect

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  ddc80fa32436daf578d44314f43e7aa5aa11e53c1c002780579d1ee1e2c85426
- Size
  
  178KB
- MD5
  
  215193140795e86cf7cf538bbe935188
- SHA1
  
  a4e240d63976a940e5aa6da6cd5eca41967af8dd
- SHA256
  
  ddc80fa32436daf578d44314f43e7aa5aa11e53c1c002780579d1ee1e2c85426
- SHA512
  
  d3399b0901f9e7cd34316aaad0db605ed6c1e9d607b68bedb7f2b60e4d3b875e54d311a6f25dce42a375758572fe1ffddb97aaae94d2ff2828712c41b4348fb9
- SSDEEP
  
  3072:iRbvvVszkyf+H8M6JMnY/YpBi9teVjw2x7iCEujjvsYFRg/L5HyfIetstITqYsCn:CbvvVsQO+cMuugYni+VviC7jvFc/LIft
Score

8^/10

persistence vmprotect
- Sets DLL path for service in the registry
  persistence
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencevmprotect

behavioral2

persistencevmprotect

© 2018-2025

Terms | Privacy