e7f4bae5fd7a15bd269b0460c395f9f3b0168a5012e47ceabd48748b5aec2411 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

xx.vmp.exe

windows10-2004-x64

7

Sharing

General

Target

xx.vmp.exe
Size

669KB
Sample

230715-xmg7zsbf34
MD5

a5be759450ca107d0ae80a275b697c8a
SHA1

0896ddf9cc0d6ab5a3e94d1509e5883592485e87
SHA256

e7f4bae5fd7a15bd269b0460c395f9f3b0168a5012e47ceabd48748b5aec2411
SHA512

7f85c07c04c9dac7f14a4a15d248976bc755a63141bc20adc0da378608458c59ddf7300e651b3cf5adc523f08668887f1558d039028af31a6a59e723932597dc
SSDEEP

12288:jvJvdzf4U7b90FO9zafsx2zDK0e0HO0mI5jYxAuFHV2:DJVTjf90FO92fsiFe0HOgyxHb2

Score

7^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

xx.vmp.exe

Resource

win10v2004-20230703-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  xx.vmp.exe
- Size
  
  669KB
- MD5
  
  a5be759450ca107d0ae80a275b697c8a
- SHA1
  
  0896ddf9cc0d6ab5a3e94d1509e5883592485e87
- SHA256
  
  e7f4bae5fd7a15bd269b0460c395f9f3b0168a5012e47ceabd48748b5aec2411
- SHA512
  
  7f85c07c04c9dac7f14a4a15d248976bc755a63141bc20adc0da378608458c59ddf7300e651b3cf5adc523f08668887f1558d039028af31a6a59e723932597dc
- SSDEEP
  
  12288:jvJvdzf4U7b90FO9zafsx2zDK0e0HO0mI5jYxAuFHV2:DJVTjf90FO92fsiFe0HOgyxHb2
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy