General

  • Target

    2ff1d7e7730b1bcccedaaea1139baf65

  • Size

    1.3MB

  • Sample

    231231-kxh6tagca6

  • MD5

    2ff1d7e7730b1bcccedaaea1139baf65

  • SHA1

    a72befa649ad7d1d637680b10eabb4ec50605c28

  • SHA256

    a9dd7bd824921108fdc086b839d528390ab1fa27f236f6f2ac993d05012b2958

  • SHA512

    6dba432c943bcae72f211778542ee20083b593d5a252f8ce7b9ecde20d3a5131784f4349a33185713cee8cc76047d33c6432dd334330ea2ef083a6c0ece09895

  • SSDEEP

    24576:CqdXYINPLAF8pB8AqiJzP1gYuLGSb6Rm46txbLzBrY/UsPVbk:ChIJASb8ietCRmHLu

Score
7/10

Targets

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger
