9292437e5be38c3a9b42abb12a920d9b5df778af0c7ca81a3eaa4c134af91e13 | Triage

Submit
Reports

Overview

overview

8

Static

static

7

9292437e5b...13.dll

windows7-x64

8

9292437e5b...13.dll

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

9292437e5be38c3a9b42abb12a920d9b5df778af0c7ca81a3eaa4c134af91e13
Size

11.7MB
Sample

231116-ea2rragf51
MD5

7f227f0679fbeb4d75e488a38d6b1241
SHA1

381babc08fffb588e322686f11401c154a98df6a
SHA256

9292437e5be38c3a9b42abb12a920d9b5df778af0c7ca81a3eaa4c134af91e13
SHA512

bcf351f8df10e0e9e098e65cd2061285885020736bcc3d1517a1215abf09b3622963e77bde765f072e07c3f2f4b369b4336cc3ae51faec09da3278e06fdec78a
SSDEEP

196608:y34VeiBytPWrnF4TIC+3nEJFhKpxeb4sN/gCtF4rplF/H2PXGBJaK3Tmrf4Qz/M1:8nmy0BVGJz0x04sN/ltFoHYX4Jagmrfz

Score

8^/10

persistence vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

9292437e5be38c3a9b42abb12a920d9b5df778af0c7ca81a3eaa4c134af91e13.dll

Resource

win7-20231020-en

persistence vmprotect

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

9292437e5be38c3a9b42abb12a920d9b5df778af0c7ca81a3eaa4c134af91e13.dll

Resource

win10v2004-20231023-en

persistence vmprotect

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  9292437e5be38c3a9b42abb12a920d9b5df778af0c7ca81a3eaa4c134af91e13
- Size
  
  11.7MB
- MD5
  
  7f227f0679fbeb4d75e488a38d6b1241
- SHA1
  
  381babc08fffb588e322686f11401c154a98df6a
- SHA256
  
  9292437e5be38c3a9b42abb12a920d9b5df778af0c7ca81a3eaa4c134af91e13
- SHA512
  
  bcf351f8df10e0e9e098e65cd2061285885020736bcc3d1517a1215abf09b3622963e77bde765f072e07c3f2f4b369b4336cc3ae51faec09da3278e06fdec78a
- SSDEEP
  
  196608:y34VeiBytPWrnF4TIC+3nEJFhKpxeb4sN/gCtF4rplF/H2PXGBJaK3Tmrf4Qz/M1:8nmy0BVGJz0x04sN/ltFoHYX4Jagmrfz
Score

8^/10

persistence vmprotect
- Blocklisted process makes network request
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencevmprotect

behavioral2

persistencevmprotect

© 2018-2025

Terms | Privacy