General

  • Target

    2fe7822e5d7932de49af167c15e08bb1

  • Size

    5.2MB

  • Sample

    231231-kwgatsgab2

  • MD5

    2fe7822e5d7932de49af167c15e08bb1

  • SHA1

    5bee780ea8826410caff329460b2191f90b4e43f

  • SHA256

    0247b24f9fcce0133d4c8bfaab7e1b5e7849f8427fbb71040cacd140cebf84c6

  • SHA512

    05dcd27ea4f41698e808e60d1d922f5c27282ddd290b0826fd8a65f57a016d08154a259357aea0533e3cce0e0992ad280c0cde4b7ef673c6e03efb4e8941540c

  • SSDEEP

    98304:RoOtsx6i43RtO8aYnQ6yBKTudVmhhMJPjj1:RVtM4JQsiVhJrj

Score
7/10

Malware Config

Targets

    Score
    7/10
    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
