6c90e24eb13acf75f44db77c54163eb997f96a5d14734b85fd93c71af54b0a35 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

6c90e24eb1...35.exe

windows7-x64

7

6c90e24eb1...35.exe

windows10-2004-x64

7

Sharing

General

Target

6c90e24eb13acf75f44db77c54163eb997f96a5d14734b85fd93c71af54b0a35
Size

13.7MB
Sample

230920-abhytaef24
MD5

9831f4b7926f13c362557437000ca2ba
SHA1

1b05a2497c2c803ea9227196d71f69d56bb9ae47
SHA256

6c90e24eb13acf75f44db77c54163eb997f96a5d14734b85fd93c71af54b0a35
SHA512

04bf153632b28eb96c2dca41b37d39893b5307acae6b439d2b07c8a1d2249cbded34c57f0c3cd3fb76f0eb1f70f72cec3cfa7af3caa71c8aff9942a9f7597ec3
SSDEEP

393216:dgsS01a0AQLjdJVPgMIi4ND0vGIYVlHWeEsExGf:xS01a0AQvhv4NKYfHxE38f

Score

7^/10

bootkit persistence vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

6c90e24eb13acf75f44db77c54163eb997f96a5d14734b85fd93c71af54b0a35.exe

Resource

win7-20230831-en

bootkit persistence vmprotect

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

6c90e24eb13acf75f44db77c54163eb997f96a5d14734b85fd93c71af54b0a35.exe

Resource

win10v2004-20230915-en

bootkit persistence vmprotect

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  6c90e24eb13acf75f44db77c54163eb997f96a5d14734b85fd93c71af54b0a35
- Size
  
  13.7MB
- MD5
  
  9831f4b7926f13c362557437000ca2ba
- SHA1
  
  1b05a2497c2c803ea9227196d71f69d56bb9ae47
- SHA256
  
  6c90e24eb13acf75f44db77c54163eb997f96a5d14734b85fd93c71af54b0a35
- SHA512
  
  04bf153632b28eb96c2dca41b37d39893b5307acae6b439d2b07c8a1d2249cbded34c57f0c3cd3fb76f0eb1f70f72cec3cfa7af3caa71c8aff9942a9f7597ec3
- SSDEEP
  
  393216:dgsS01a0AQLjdJVPgMIi4ND0vGIYVlHWeEsExGf:xS01a0AQvhv4NKYfHxE38f
Score

7^/10

bootkit persistence vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistencevmprotect

behavioral2

bootkitpersistencevmprotect

© 2018-2025

Terms | Privacy