General

  • Target

    Stub.exe

  • Size

    13.8MB

  • Sample

    231224-ds2c9secfm

  • MD5

    894a60693fee38d4b64056cb10536a75

  • SHA1

    c427e45b0f7eb66583d2fb410ddb0c0e6196c0d6

  • SHA256

    2d6c58c043a319b7d9de60a16184a3cfdf1465b79771d27223acb2cac197851f

  • SHA512

    8fdc9499bcd2fd8c1c0732db547e1560be3e889ba0a243b95ae03c0d5ed6e3229fcc35fcce736bcab9aff11692e4d3045471d227393a55379264b8f7a8bf87a5

  • SSDEEP

    393216:069fCksYPBDTr2L8zhgy8mTZ1fy68+dl+up4:0kuaBDTDd1uEl1

Score
7/10

Malware Config

Targets

    • Target

      Stub.exe

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Matrix

Tasks