Overview

overview

7

Static

static

7

f92adbaee7...34.exe

windows7-x64

7

f92adbaee7...34.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f92adbaee78c952d0d86ba183d6b4bbd0c60d2439304cf774f6346924d8f7934

  • Size

    14.3MB

  • Sample

    231012-kb22ssba34

  • MD5

    30238b45cf4900ee9630ec0ccdb50469

  • SHA1

    0c1d515af93a47bc0873a5e5f376063113e97f01

  • SHA256

    f92adbaee78c952d0d86ba183d6b4bbd0c60d2439304cf774f6346924d8f7934

  • SHA512

    fed3bbc00ad28eaf4772c2cb4d7af3bda8324b001b56c3c4b8095690aec05d0f543c2731961c296fcca624626d119af1d273bf8040c6f86214c2e61d59be526c

  • SSDEEP

    393216:eBNteCLuOR8f25brlkVCwASNbVfe83qPFq6oaBmCGj6ugGnQW:eBNtAjebkoSpexFJo7CS6ugGQW

Score
7/10
upxvmprotect

Malware Config

Targets

    • Target

      f92adbaee78c952d0d86ba183d6b4bbd0c60d2439304cf774f6346924d8f7934

    • Size

      14.3MB

    • MD5

      30238b45cf4900ee9630ec0ccdb50469

    • SHA1

      0c1d515af93a47bc0873a5e5f376063113e97f01

    • SHA256

      f92adbaee78c952d0d86ba183d6b4bbd0c60d2439304cf774f6346924d8f7934

    • SHA512

      fed3bbc00ad28eaf4772c2cb4d7af3bda8324b001b56c3c4b8095690aec05d0f543c2731961c296fcca624626d119af1d273bf8040c6f86214c2e61d59be526c

    • SSDEEP

      393216:eBNteCLuOR8f25brlkVCwASNbVfe83qPFq6oaBmCGj6ugGnQW:eBNtAjebkoSpexFJo7CS6ugGQW

    Score
    7/10
    upxvmprotect

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks