Overview

overview

7

Static

static

7

21e5bab6bd...59.exe

windows7-x64

7

21e5bab6bd...59.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    21e5bab6bdd4127c9ea624581a7cdbe5291efc953cd032eaaa2dc2735b6bec59

  • Size

    3.0MB

  • Sample

    230921-bqkavsdg89

  • MD5

    ec3fa498a92c789839a9cd8befbe4f75

  • SHA1

    1d5c8999b0df7d89aca5f5f52939507150f3c7ac

  • SHA256

    21e5bab6bdd4127c9ea624581a7cdbe5291efc953cd032eaaa2dc2735b6bec59

  • SHA512

    283564390acd693ed19f22ea118cd8b299fab6a6296582227b9d8a961885e4beb3dba740e973e6ec108ed299eb27eba7838db79ee8c7d5b7947cf8b7aac2a709

  • SSDEEP

    49152:V2sd6xejQQCCiO23ORcOAFXlpiiQV/gsEFRQOEKgd6GJM9b0RIgIUT1hE5Omv4lO:V7cQCCiO2IcOKtQNgsEFvoTJML/UbEoM

Score
7/10
vmprotect

Malware Config

Targets

    • Target

      21e5bab6bdd4127c9ea624581a7cdbe5291efc953cd032eaaa2dc2735b6bec59

    • Size

      3.0MB

    • MD5

      ec3fa498a92c789839a9cd8befbe4f75

    • SHA1

      1d5c8999b0df7d89aca5f5f52939507150f3c7ac

    • SHA256

      21e5bab6bdd4127c9ea624581a7cdbe5291efc953cd032eaaa2dc2735b6bec59

    • SHA512

      283564390acd693ed19f22ea118cd8b299fab6a6296582227b9d8a961885e4beb3dba740e973e6ec108ed299eb27eba7838db79ee8c7d5b7947cf8b7aac2a709

    • SSDEEP

      49152:V2sd6xejQQCCiO23ORcOAFXlpiiQV/gsEFRQOEKgd6GJM9b0RIgIUT1hE5Omv4lO:V7cQCCiO2IcOKtQNgsEFvoTJML/UbEoM

    Score
    7/10
    vmprotect

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks