Overview

overview

8

Static

static

3

028d4fa266...ef.exe

windows7-x64

8

028d4fa266...ef.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    028d4fa266a293a7c4406055777806ef

  • Size

    98KB

  • Sample

    231224-sbpqgadaa7

  • MD5

    028d4fa266a293a7c4406055777806ef

  • SHA1

    c177d8094306248e8ffc94f3c487986f84dbaf6e

  • SHA256

    7dd484ea2fd7d68cb7c697573b7c1cebf8319a8b5107ef7e1dba8b660c6b436e

  • SHA512

    df1c35f8c0ee9fbb997ebbecb80fe34b32d8df2ee14aeee49710c56180917ee6e042eb8c382f1b50a0480a300727df903aebc27ec05cf30779ee94952f61db40

  • SSDEEP

    3072:JwFDYh2DPSJhpxcHxK4l5La5c00rKBv3StDVC:ulrDq0wt0rhDVC

Score
8/10
persistencevmprotect

Malware Config

Targets

    • Target

      028d4fa266a293a7c4406055777806ef

    • Size

      98KB

    • MD5

      028d4fa266a293a7c4406055777806ef

    • SHA1

      c177d8094306248e8ffc94f3c487986f84dbaf6e

    • SHA256

      7dd484ea2fd7d68cb7c697573b7c1cebf8319a8b5107ef7e1dba8b660c6b436e

    • SHA512

      df1c35f8c0ee9fbb997ebbecb80fe34b32d8df2ee14aeee49710c56180917ee6e042eb8c382f1b50a0480a300727df903aebc27ec05cf30779ee94952f61db40

    • SSDEEP

      3072:JwFDYh2DPSJhpxcHxK4l5La5c00rKBv3StDVC:ulrDq0wt0rhDVC

    Score
    8/10
    persistencevmprotect

    • Sets file execution options in registry

      persistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks