Overview

overview

8

Static

static

8

8079eabd2d...4a.exe

windows7-x64

8

8079eabd2d...4a.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8079eabd2d1f72edc5d5632b08ebff406d2cc7ed8189c0316b6ff60ac355f44a

  • Size

    596KB

  • Sample

    221206-rbxweagg3w

  • MD5

    4fe9586d89f22a06938e0b859ace5fad

  • SHA1

    c66acf504faf779413c868059b704e7a0fa19c0a

  • SHA256

    8079eabd2d1f72edc5d5632b08ebff406d2cc7ed8189c0316b6ff60ac355f44a

  • SHA512

    f9ac684eb498c2814a22db5ba162ef4b7a2259e56edee6926739b3c431b3666aa1026fc607aa53c0b68b9e870b54276577fdf58ac53abfb799fbfd0057208b9d

  • SSDEEP

    12288:9PjQ+LHlbdB0iDIxq9rNwAJvVlcs8o5vzK9hjB1+xREI/PkBRFsQ:mq/0iB9rhJvV+DodzAhjB1CEIHkBb

Score
8/10
vmprotect

Malware Config

Targets

    • Target

      8079eabd2d1f72edc5d5632b08ebff406d2cc7ed8189c0316b6ff60ac355f44a

    • Size

      596KB

    • MD5

      4fe9586d89f22a06938e0b859ace5fad

    • SHA1

      c66acf504faf779413c868059b704e7a0fa19c0a

    • SHA256

      8079eabd2d1f72edc5d5632b08ebff406d2cc7ed8189c0316b6ff60ac355f44a

    • SHA512

      f9ac684eb498c2814a22db5ba162ef4b7a2259e56edee6926739b3c431b3666aa1026fc607aa53c0b68b9e870b54276577fdf58ac53abfb799fbfd0057208b9d

    • SSDEEP

      12288:9PjQ+LHlbdB0iDIxq9rNwAJvVlcs8o5vzK9hjB1+xREI/PkBRFsQ:mq/0iB9rhJvV+DodzAhjB1CEIHkBb

    Score
    8/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks