9710fd681027bb4fc795e4e0394ca5ba550452dc922be7c317ce18788d9c9db8 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2023-08-26...JC.exe

windows7-x64

7

2023-08-26...JC.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

2023-08-26_bb9a271bdf07d6986519589fb8d750b3_magniber_revil_JC.exe
Size

11.6MB
Sample

231011-gecpjace4t
MD5

bb9a271bdf07d6986519589fb8d750b3
SHA1

48b12dafdfb2bf7fb4fd1c7d88c887ce042b4fae
SHA256

9710fd681027bb4fc795e4e0394ca5ba550452dc922be7c317ce18788d9c9db8
SHA512

8ec3079a52e7a406588f09395b7e9a0bfebabeff91420b846180c7681899e0cc6d46b9ff53f8c9f45942bbc966b2e75eea56ac0ec61ea34d3dfe970b35cb63a7
SSDEEP

196608:BqnkQ4DCXjHvNLwHsHxHtdby7cCbXiGFjmIi9XUH2/5alJKN8sdDLs4Y9zctw:8tpL2sRNdbOcGjEZUWI9sdLsb9L

Score

7^/10

aspackv2 vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2023-08-26_bb9a271bdf07d6986519589fb8d750b3_magniber_revil_JC.exe

Resource

win7-20230831-en

aspackv2 vmprotect

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

2023-08-26_bb9a271bdf07d6986519589fb8d750b3_magniber_revil_JC.exe

Resource

win10v2004-20230915-en

aspackv2 vmprotect

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2023-08-26_bb9a271bdf07d6986519589fb8d750b3_magniber_revil_JC.exe
- Size
  
  11.6MB
- MD5
  
  bb9a271bdf07d6986519589fb8d750b3
- SHA1
  
  48b12dafdfb2bf7fb4fd1c7d88c887ce042b4fae
- SHA256
  
  9710fd681027bb4fc795e4e0394ca5ba550452dc922be7c317ce18788d9c9db8
- SHA512
  
  8ec3079a52e7a406588f09395b7e9a0bfebabeff91420b846180c7681899e0cc6d46b9ff53f8c9f45942bbc966b2e75eea56ac0ec61ea34d3dfe970b35cb63a7
- SSDEEP
  
  196608:BqnkQ4DCXjHvNLwHsHxHtdby7cCbXiGFjmIi9XUH2/5alJKN8sdDLs4Y9zctw:8tpL2sRNdbOcGjEZUWI9sdLsb9L
Score

7^/10

aspackv2 vmprotect
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Loads dropped DLL
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

aspackv2vmprotect

behavioral2

aspackv2vmprotect

© 2018-2025

Terms | Privacy