0d01cfa2a68cb016d313cf0c5e27db62810f3967961653d6d2409dca20843ae9 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

0d01cfa2a6...e9.exe

windows7-x64

7

0d01cfa2a6...e9.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

0d01cfa2a68cb016d313cf0c5e27db62810f3967961653d6d2409dca20843ae9
Size

5.5MB
Sample

231016-kw7ssafa58
MD5

4d96850894c928b437d86ac3812e9ec7
SHA1

29ce084011b3372bda0b10015e06e102d4f1b3a5
SHA256

0d01cfa2a68cb016d313cf0c5e27db62810f3967961653d6d2409dca20843ae9
SHA512

528183ae9eefd73d2cee667ee0575b457104b8405cf246f02fa38948095b76dc96beaf91a84a9b8022984545672aa0f116c3dc6e770b8a66dd15ca6669934cbd
SSDEEP

98304:BdNx1TyV+gqqhX6FhKyBrrf4xyl20QBqz7JAQy4O+A8ouYiUxsa:Bzx1TyMjuwzS09lFvyQAlVL

Score

7^/10

spyware stealer vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

0d01cfa2a68cb016d313cf0c5e27db62810f3967961653d6d2409dca20843ae9.exe

Resource

win7-20230831-en

spyware stealer vmprotect

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

0d01cfa2a68cb016d313cf0c5e27db62810f3967961653d6d2409dca20843ae9.exe

Resource

win10v2004-20230915-en

spyware stealer vmprotect

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  0d01cfa2a68cb016d313cf0c5e27db62810f3967961653d6d2409dca20843ae9
- Size
  
  5.5MB
- MD5
  
  4d96850894c928b437d86ac3812e9ec7
- SHA1
  
  29ce084011b3372bda0b10015e06e102d4f1b3a5
- SHA256
  
  0d01cfa2a68cb016d313cf0c5e27db62810f3967961653d6d2409dca20843ae9
- SHA512
  
  528183ae9eefd73d2cee667ee0575b457104b8405cf246f02fa38948095b76dc96beaf91a84a9b8022984545672aa0f116c3dc6e770b8a66dd15ca6669934cbd
- SSDEEP
  
  98304:BdNx1TyV+gqqhX6FhKyBrrf4xyl20QBqz7JAQy4O+A8ouYiUxsa:Bzx1TyMjuwzS09lFvyQAlVL
Score

7^/10

spyware stealer vmprotect
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

spywarestealervmprotect

behavioral2

spywarestealervmprotect

© 2018-2025

Terms | Privacy