General

  • Target

    a2eb321a15f0940045c143daf17e329cb5f6d35e0ef1706c51cd1b08f6069ea2

  • Size

    1.6MB

  • Sample

    221205-vpqk2ach6w

  • MD5

    a5a5aa01c53aa77845fbeaddd2f19159

  • SHA1

    b57c183ca2b93d408a5bba1e0e5db70e77e47df8

  • SHA256

    a2eb321a15f0940045c143daf17e329cb5f6d35e0ef1706c51cd1b08f6069ea2

  • SHA512

    8d268a203c149106056fb747ba3020986a9f0ec9e84259fed65d9f0353d75d6c7322422bd8a07792dde172c345d60c51e72878895cf46af6c87badd71a3f383b

  • SSDEEP

    24576:T3TEGxDom1OqsR5ZBqOEAyC0rYDdzUjoJLvyW0zjbnp76:TnYnqkgje0nTY

Score
9/10

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger
