Overview

overview

7

Static

static

3

363e77ab09...76.exe

windows7-x64

7

363e77ab09...76.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    363e77ab09bf93b2f7b1905cc84aa777f9fddc058c142d09d4b8bdbd5b5e0676

  • Size

    8.9MB

  • Sample

    230921-egynnseh75

  • MD5

    fa17412e34cb099a53a58fa9345eafda

  • SHA1

    47487bdc4ad785b5335c6b1e303d81142febde47

  • SHA256

    363e77ab09bf93b2f7b1905cc84aa777f9fddc058c142d09d4b8bdbd5b5e0676

  • SHA512

    f8f88ec3856173656207bdaf755c461242d1262b36c285d7e07974d4616dc1ab278b5349b729405d2dc5ba5b4607f766ac5d7cdd624a71d53f638a7bd7978017

  • SSDEEP

    196608:YiFi/efETAkIX64eteN5k45dV77sDTAuhqTPhgdaOCkG22O:1yewIKs5H+AthXOfGDO

Score
7/10
upxvmprotect

Malware Config

Targets

    • Target

      363e77ab09bf93b2f7b1905cc84aa777f9fddc058c142d09d4b8bdbd5b5e0676

    • Size

      8.9MB

    • MD5

      fa17412e34cb099a53a58fa9345eafda

    • SHA1

      47487bdc4ad785b5335c6b1e303d81142febde47

    • SHA256

      363e77ab09bf93b2f7b1905cc84aa777f9fddc058c142d09d4b8bdbd5b5e0676

    • SHA512

      f8f88ec3856173656207bdaf755c461242d1262b36c285d7e07974d4616dc1ab278b5349b729405d2dc5ba5b4607f766ac5d7cdd624a71d53f638a7bd7978017

    • SSDEEP

      196608:YiFi/efETAkIX64eteN5k45dV77sDTAuhqTPhgdaOCkG22O:1yewIKs5H+AthXOfGDO

    Score
    7/10
    upxvmprotect

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks