84fd083f6fbc32d34fbc28765942a27c5277c7ce196d2104ad4dc753de8eb9ff | Triage

Submit
Reports

Overview

overview

8

Static

static

8

84fd083f6f...ff.exe

windows7-x64

8

84fd083f6f...ff.exe

windows10-2004-x64

8

Sharing

General

Target

84fd083f6fbc32d34fbc28765942a27c5277c7ce196d2104ad4dc753de8eb9ff
Size

1.7MB
Sample

221205-h2kjbsga44
MD5

5be5b9c0afcbb87cf249a28700605475
SHA1

aa6b1c8c268c5853d451c62c5f64d700caa9e754
SHA256

84fd083f6fbc32d34fbc28765942a27c5277c7ce196d2104ad4dc753de8eb9ff
SHA512

27a3ed9c3bb7d806d6380f1f420d1811c411e98a4a1c46e657b701625ff50dc373ae8e028af284054531618dbc1865b08ea9d2fc9c2b73d4794eb76ff079efd3
SSDEEP

49152:IzfZVMidbkvoUT2oKBKz1mhDyDT3ntrCDsQZ:alkvo02bBKzU0rCD

Score

8^/10

persistence vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

84fd083f6fbc32d34fbc28765942a27c5277c7ce196d2104ad4dc753de8eb9ff.exe

Resource

win7-20221111-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

84fd083f6fbc32d34fbc28765942a27c5277c7ce196d2104ad4dc753de8eb9ff.exe

Resource

win10v2004-20220812-en

persistence vmprotect

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  84fd083f6fbc32d34fbc28765942a27c5277c7ce196d2104ad4dc753de8eb9ff
- Size
  
  1.7MB
- MD5
  
  5be5b9c0afcbb87cf249a28700605475
- SHA1
  
  aa6b1c8c268c5853d451c62c5f64d700caa9e754
- SHA256
  
  84fd083f6fbc32d34fbc28765942a27c5277c7ce196d2104ad4dc753de8eb9ff
- SHA512
  
  27a3ed9c3bb7d806d6380f1f420d1811c411e98a4a1c46e657b701625ff50dc373ae8e028af284054531618dbc1865b08ea9d2fc9c2b73d4794eb76ff079efd3
- SSDEEP
  
  49152:IzfZVMidbkvoUT2oKBKz1mhDyDT3ntrCDsQZ:alkvo02bBKzU0rCD
Score

8^/10

vmprotect persistence
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

persistencevmprotect

© 2018-2025

Terms | Privacy