General

  • Target

    2e40ae01b28ea5f0d1c44d7eb658c85e

  • Size

    12.3MB

  • Sample

    231231-jt7jkafae2

  • MD5

    2e40ae01b28ea5f0d1c44d7eb658c85e

  • SHA1

    e968b54a435e06e9175f146abaaee269b76827cc

  • SHA256

    1ca4420c3b174e88b7eaee5bcf316db83fa7bea35ae159093391e8a5cf8788d9

  • SHA512

    48f9a182b12cdbd4fd102595dfdcf5e3b7145aeb8f1d627aeb55869e0518aee39e7a2c750fda62126add6bedef546f8f3d290c78f508bd086df7542f3c3a6d3a

  • SSDEEP

    196608:xu2HpinSGT8J1mqy6Xs8Jj3gkd3BHE8m0k6jyaGE9PlPc43nDCZ5PVJ9ugou5Z:M1NrqJsU3nW8mtJYEOeJzugZ

Malware Config

Targets

    • Target

      2e40ae01b28ea5f0d1c44d7eb658c85e

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
