General

  • Target

    slmvsrv.exe

  • Size

    658KB

  • Sample

    231211-3kgfkabbhk

  • MD5

    bb9818d76fe60e68608e2a1e7bc6666b

  • SHA1

    8427c53e51681bbc6120e52f2f0fa312a540d533

  • SHA256

    4fe95e6d975784469720be171c22280ba3c050fde781f2361d41e3cd4a0318c0

  • SHA512

    fc9abd826105d8243e54fb1806a4cb0b5e0e0909c1579bbea03ecda3e62ead96d7ef1bc065a524b2c9376ed3e1fe811418c1bbd6914ef24ed69e81d1c836ff1c

  • SSDEEP

    12288:AZH5FDHpNnNeDoLEZC9Kqp4p8AZNV0y8ezXuBLtQ19tIwoI:AZHbrnyo449Kqi3fV0yxzXuBa9tbt

Targets

    • Target

      slmvsrv.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Adds Run key to start application
