Overview

overview

10

Static

static

7

sample.exe

windows7-x64

10

sample.exe

windows10-2004-x64

10

Resubmissions

17-03-2023 20:37

230317-zekn9abh7x 10

24-01-2023 20:45

230124-zj56radf68 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    67c911510e257b341be77bc2a88cedc99ace2af852f7825d9710016619875e80.bin.sample.gz

  • Size

    549KB

  • Sample

    230317-zekn9abh7x

  • MD5

    a04a6cf4122d6ac125c61a1c95275912

  • SHA1

    4eee7ecf6c8e61ab1c49f83a7bbe963643b923b0

  • SHA256

    ce833ef49cd55eddec8d5f2a40bcaf58329c9c7a9ffa1caf58e4d877941b820c

  • SHA512

    7d68b1175f5caa7cbf3df1c17a927de64056780da181af5bc0704cd46bf103665168a3ff97b40249694359dde252f05ef5098a52ee497b472de804928eebf165

  • SSDEEP

    12288:vzs80r0o7Mwx/QJd4+M/bUj+934Mr8iTjj4VrZei0J7Z82YHHEMb7fb+GhIN:vw80r0ogM/QJu+M/zzr8iEVrp0Jl85Hm

Score
10/10
turianbackdoorvmprotect

Malware Config

Extracted

Family

turian

C2

update.delldrivers.in

Targets

    • Target

      sample

    • Size

      559KB

    • MD5

      7b3f7c751a5c3b1823baac97ccb4d4c6

    • SHA1

      615b5a92b6066fc992dae0d5f6abf29fe53cf2f9

    • SHA256

      67c911510e257b341be77bc2a88cedc99ace2af852f7825d9710016619875e80

    • SHA512

      1a42e7e925c8d9c93572c27d0fa702d1714618eb7f82288320fe1849553ed2bed52624dc30d5b2996cd973e64cc9624b564d40d856424cb060fb9ec3e4e33b07

    • SSDEEP

      12288:399xY4k5NNrT+S4+r0qN2v/7oqYvxpteC+31PHzHxpAUSiVHR84N:3rx85PrTJr0qAv/cqG6l1PHzHvCiVHRZ

    Score
    10/10
    turianbackdoorvmprotect

    • turian

      C++ Backdoor attributed to the chinese APT15.

      backdoorturian

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks