General

  • Target

    d2d5167c24eb3fabf4981fb089ce67af

  • Size

    13.3MB

  • Sample

    231220-sjr6kaefc7

  • MD5

    d2d5167c24eb3fabf4981fb089ce67af

  • SHA1

    a3d154a6091be076e7a0feecb94fe30b7d724089

  • SHA256

    f2102dc70142f02ddb7edcc97a5945e22d8e76e6c09143de06f9597758fab31e

  • SHA512

    8fa08104b0fb3c321e61aae0b8b75c5e50e841b9c63cb6faeed71db19ef4b0c99016ce56060c589381c5016f08924fed123f354c42354d59f1493aa7d74422b9

  • SSDEEP

    196608:zN5Q8WN3rrxXe5GdRZ6X50aLlNvKkwmfNKa01pq5tpYXqqn5Ux+UrR7LtaX3zQJG:Z5WNh2XdlNSkwmYaSx5a+U9X4Pu

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks