General

  • Target

    d9ddef6fa6e84c4f1cd0ff25c8d9cbf3

  • Size

    6.3MB

  • Sample

    231222-swc76sbfh5

  • MD5

    d9ddef6fa6e84c4f1cd0ff25c8d9cbf3

  • SHA1

    51631d5fd25b1f24e5ea72788a1b2731b146d899

  • SHA256

    52bd0f8e0dc5d3e8aeced8abf31403d6184978d215be68b357c5e6d0b077ee23

  • SHA512

    f822c3ba11bb2aef6213a6f077cba3d8cd1922d44a63dba9d73f378572d00599a8e2c19b413c53a8ab731bdde7b8c67916a14e6bd66995003fdd1b50abc49001

  • SSDEEP

    196608:Mx3Vr+hoDxcVp6455J77NAtZAA6Bj6An5p3:a3Vr+WDxcVk+rhAtqA1o

Score
7/10

Targets

    • Target

      d9ddef6fa6e84c4f1cd0ff25c8d9cbf3

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
