General

  • Target

    00515ac08d3a7008e28b856eb690185b

  • Size

    356KB

  • Sample

    231224-rmf22afdh4

  • MD5

    00515ac08d3a7008e28b856eb690185b

  • SHA1

    5728fcc7ef77c4d538ec8d597573fbabf06bcbd8

  • SHA256

    3d2b6732fb8f6e9e39f7d8254fad9e76a00287531aef18bd93ea37e90e37f724

  • SHA512

    59b1aa3ccdcc53798582aa098ebb53710806a85f3efafe0912d349925b6c08f6bd25f3351095fd58c4e297ed661e688b86c82e913896787d4a8ced4e64a0f452

  • SSDEEP

    6144:2Fn75ci4RznCDsy3eUB7ysrdPvCvkQRfPYdb2huiBQrQ3Bu1s3vVvrk7FiQh:2FnrUznC4y3e+ye9Ok+PYB2nQs3Bu1G2

Score
7/10

Targets

    • Target

      00515ac08d3a7008e28b856eb690185b

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext
