fc9d0ff8a0dab73ef6ab0b3407d2da8458932e79d7e1bdb5de318439fbb6265c | Triage

Submit
Reports

Overview

overview

8

Static

static

8

fc9d0ff8a0...5c.exe

windows7-x64

8

fc9d0ff8a0...5c.exe

windows10-2004-x64

8

Sharing

General

Target

fc9d0ff8a0dab73ef6ab0b3407d2da8458932e79d7e1bdb5de318439fbb6265c
Size

398KB
Sample

221204-mkbx3sed4w
MD5

40faff7b3155d38e2d118127fabcbd2a
SHA1

aa8eb83684073f08b90fdb4abf1f355f6838a5db
SHA256

fc9d0ff8a0dab73ef6ab0b3407d2da8458932e79d7e1bdb5de318439fbb6265c
SHA512

095ef6a88bcf68a63d4bd04fe12db0b44a9e6f1eee35544fb4eba479313957d575164a071e96f2cae5199155010862c5f475acf124a29b156d66f22698671eca
SSDEEP

6144:+6zETtNq+bdpo1XI43BsNTn3XMsauPVTa+hSftW22B:+5Tzo1XIGBsNT3XGuPVphSd2

Score

8^/10

evasion trojan vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

fc9d0ff8a0dab73ef6ab0b3407d2da8458932e79d7e1bdb5de318439fbb6265c.exe

Resource

win7-20220812-en

evasion trojan vmprotect

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

fc9d0ff8a0dab73ef6ab0b3407d2da8458932e79d7e1bdb5de318439fbb6265c.exe

Resource

win10v2004-20220812-en

evasion trojan vmprotect

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  fc9d0ff8a0dab73ef6ab0b3407d2da8458932e79d7e1bdb5de318439fbb6265c
- Size
  
  398KB
- MD5
  
  40faff7b3155d38e2d118127fabcbd2a
- SHA1
  
  aa8eb83684073f08b90fdb4abf1f355f6838a5db
- SHA256
  
  fc9d0ff8a0dab73ef6ab0b3407d2da8458932e79d7e1bdb5de318439fbb6265c
- SHA512
  
  095ef6a88bcf68a63d4bd04fe12db0b44a9e6f1eee35544fb4eba479313957d575164a071e96f2cae5199155010862c5f475acf124a29b156d66f22698671eca
- SSDEEP
  
  6144:+6zETtNq+bdpo1XI43BsNTn3XMsauPVTa+hSftW22B:+5Tzo1XIGBsNT3XGuPVphSd2
Score

8^/10

evasion trojan vmprotect
- Drops file in Drivers directory
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Checks whether UAC is enabled
  evasion trojan
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasiontrojanvmprotect

behavioral2

evasiontrojanvmprotect

© 2018-2024

Terms | Privacy