Overview

overview

7

Static

static

7

d35c18d43c...b7.exe

windows7-x64

7

d35c18d43c...b7.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d35c18d43c9519fa7bea512743c0aa4a5754fe10ecb65b721d5db3c25973a5b7

  • Size

    5.6MB

  • Sample

    230325-gpbvzsbd72

  • MD5

    d385415d784a7f3ce5235748c9102e14

  • SHA1

    b22d06547a45a2190ce4abd95a30fdb896e271bc

  • SHA256

    d35c18d43c9519fa7bea512743c0aa4a5754fe10ecb65b721d5db3c25973a5b7

  • SHA512

    f95c22ad71a57c8edbdf23723da75fc77a88a531ca195ad5ba2bb71a830f9f42aeae546b9a5734acbe7f341aeb7f443fb04699cb772e1f3fe551e04496c2174b

  • SSDEEP

    98304:rQpteimhL0SAAX8tlhhaGqdrqFH2X4yrmVmF5yM4l8vvLZ7ar0:0pHmhL0SV8IhqF81rmQF5yM4CvDZ

Score
7/10
vmprotect

Malware Config

Targets

    • Target

      d35c18d43c9519fa7bea512743c0aa4a5754fe10ecb65b721d5db3c25973a5b7

    • Size

      5.6MB

    • MD5

      d385415d784a7f3ce5235748c9102e14

    • SHA1

      b22d06547a45a2190ce4abd95a30fdb896e271bc

    • SHA256

      d35c18d43c9519fa7bea512743c0aa4a5754fe10ecb65b721d5db3c25973a5b7

    • SHA512

      f95c22ad71a57c8edbdf23723da75fc77a88a531ca195ad5ba2bb71a830f9f42aeae546b9a5734acbe7f341aeb7f443fb04699cb772e1f3fe551e04496c2174b

    • SSDEEP

      98304:rQpteimhL0SAAX8tlhhaGqdrqFH2X4yrmVmF5yM4l8vvLZ7ar0:0pHmhL0SV8IhqF81rmQF5yM4CvDZ

    Score
    7/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks