09c92f58d9b11db5d9a7e984cb3270bcc6db79ea153dea86788eccaaa561d50c | Triage

Submit
Reports

Overview

overview

8

Static

static

3

f429fjd4uf84u.exe

windows7-x64

4

f429fjd4uf84u.exe

windows10-2004-x64

8

Resubmissions

04-09-2023 00:34

230904-aw2lnacf8t 8

03-09-2023 22:30

230903-2expxscg96 8

Sharing

General

Target

f429fjd4uf84u.exe
Size

6.1MB
Sample

230903-2expxscg96
MD5

aaead1169523638d40ca4d884e3d787a
SHA1

e6c673b0d2569b0d9c21a82494ea9a5cd2f1b587
SHA256

09c92f58d9b11db5d9a7e984cb3270bcc6db79ea153dea86788eccaaa561d50c
SHA512

81bde7c5632279473493f777733808faa48ada450db174e3f0ed11e22505bfd5970c2022a135213abf9fc2c1e2f047eaee8428308c5e9dd9bb7842edc2deccc3
SSDEEP

196608:LZLecymZqT+XX9Atk+7TDhlXRZvYdtEA6OSwK:Nhyzy9AtpRZv2R6Oy

Score

8^/10

evasion vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f429fjd4uf84u.exe

Resource

win7-20230831-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

f429fjd4uf84u.exe

Resource

win10v2004-20230831-en

evasion vmprotect

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  f429fjd4uf84u.exe
- Size
  
  6.1MB
- MD5
  
  aaead1169523638d40ca4d884e3d787a
- SHA1
  
  e6c673b0d2569b0d9c21a82494ea9a5cd2f1b587
- SHA256
  
  09c92f58d9b11db5d9a7e984cb3270bcc6db79ea153dea86788eccaaa561d50c
- SHA512
  
  81bde7c5632279473493f777733808faa48ada450db174e3f0ed11e22505bfd5970c2022a135213abf9fc2c1e2f047eaee8428308c5e9dd9bb7842edc2deccc3
- SSDEEP
  
  196608:LZLecymZqT+XX9Atk+7TDhlXRZvYdtEA6OSwK:Nhyzy9AtpRZv2R6Oy
Score

8^/10

evasion vmprotect
- Modifies Windows Firewall
  evasion
- Executes dropped EXE
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Create or Modify System Process

Windows Service

Scheduled Task/Job

Privilege Escalation

Create or Modify System Process

Windows Service

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionvmprotect

© 2018-2024

Terms | Privacy