Overview

overview

8

Static

static

7

015ec8a7dc...f9.exe

windows7-x64

8

015ec8a7dc...f9.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    015ec8a7dc343e6d1aabb593e77a894b23f44cc2c7d5eec0de03c3620a938cf9

  • Size

    5.7MB

  • Sample

    230324-e1vq5acb75

  • MD5

    06d51eba5329714f34565ff6be36f525

  • SHA1

    47bb5130d05bcbd9551fbcd0aff303f4ac5074f2

  • SHA256

    015ec8a7dc343e6d1aabb593e77a894b23f44cc2c7d5eec0de03c3620a938cf9

  • SHA512

    1f4c026d7cb099911c9d31b2ff35ff562c5a84f5e54b35869355d1b4c23d2b9ae1de5c1b564575f457c8a10479108c40c94ff9016ecb0c7cae27b286877388cd

  • SSDEEP

    98304:y0j1Ij9ZLj7kTVOV3lXLeUcq1cM4DoctB/pUc+crheufhqb0oWnybXEnumqTwQnK:y0jahZQZO9hLeUcq74DoCN+crtMwnuml

Score
8/10
vmprotect

Malware Config

Targets

    • Target

      015ec8a7dc343e6d1aabb593e77a894b23f44cc2c7d5eec0de03c3620a938cf9

    • Size

      5.7MB

    • MD5

      06d51eba5329714f34565ff6be36f525

    • SHA1

      47bb5130d05bcbd9551fbcd0aff303f4ac5074f2

    • SHA256

      015ec8a7dc343e6d1aabb593e77a894b23f44cc2c7d5eec0de03c3620a938cf9

    • SHA512

      1f4c026d7cb099911c9d31b2ff35ff562c5a84f5e54b35869355d1b4c23d2b9ae1de5c1b564575f457c8a10479108c40c94ff9016ecb0c7cae27b286877388cd

    • SSDEEP

      98304:y0j1Ij9ZLj7kTVOV3lXLeUcq1cM4DoctB/pUc+crheufhqb0oWnybXEnumqTwQnK:y0jahZQZO9hLeUcq74DoCN+crtMwnuml

    Score
    8/10
    vmprotect

    • Drops file in Drivers directory

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks