General

  • Target

    d68a225037a3683420065bf59c7fefc55ab0a796489e9737cbe4a7b33814bafa

  • Size

    8.0MB

  • Sample

    231221-kqjtrsahg2

  • MD5

    f4c4da979ab8bb74f8e6ea859c4622d5

  • SHA1

    b47d2281a5951ce32f2c7a2a40cf2083afea12e6

  • SHA256

    d68a225037a3683420065bf59c7fefc55ab0a796489e9737cbe4a7b33814bafa

  • SHA512

    8e92759ffe49c6582ae98d46897254c134abb961ad588dc4c9103d66031168457e50a22c43add233b34a9d9c5bc250af31d186147457d203988240d0a483de29

  • SSDEEP

    196608:Z8yMBEVasCrtNqrxtyPlCcaXYAnS4Ekr5+j0Ewoy:Z8yMuWZkdQtCcaXYKNEkr5+6J

Score
7/10

Targets

    • Target

      d68a225037a3683420065bf59c7fefc55ab0a796489e9737cbe4a7b33814bafa

    Score
    7/10
    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
