e82d1d33430d90c6b6b7b336c30e227a881a28bbaff07c3c1346709686c732e4 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

7f81f80a95...df.exe

windows7-x64

7

7f81f80a95...df.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

7f81f80a959f39fcfa153b4d990167df
Size

236KB
Sample

240129-lmzw9agdcr
MD5

7f81f80a959f39fcfa153b4d990167df
SHA1

487c2eb6c7c0c1fe5e1edf3149965a982df8fe27
SHA256

e82d1d33430d90c6b6b7b336c30e227a881a28bbaff07c3c1346709686c732e4
SHA512

b1d7b165d3de2e91d0627c8b4a0f2f51e1651cabfdd21ccc6baf52d62525010c82fbd295a63a261febcd61424ddda6c4791ece3c06496fb37b0d99cebfca6cc5
SSDEEP

6144:Zo8w4a3cq808Rx5j0XYvMRs/ct2WmcReRBu86Xdkdqz:Zpw4QcL1xyWHWmauOEqz

Score

7^/10

persistence upx vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

7f81f80a959f39fcfa153b4d990167df.exe

Resource

win7-20231215-en

persistence upx vmprotect

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

7f81f80a959f39fcfa153b4d990167df.exe

Resource

win10v2004-20231215-en

persistence upx vmprotect

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  7f81f80a959f39fcfa153b4d990167df
- Size
  
  236KB
- MD5
  
  7f81f80a959f39fcfa153b4d990167df
- SHA1
  
  487c2eb6c7c0c1fe5e1edf3149965a982df8fe27
- SHA256
  
  e82d1d33430d90c6b6b7b336c30e227a881a28bbaff07c3c1346709686c732e4
- SHA512
  
  b1d7b165d3de2e91d0627c8b4a0f2f51e1651cabfdd21ccc6baf52d62525010c82fbd295a63a261febcd61424ddda6c4791ece3c06496fb37b0d99cebfca6cc5
- SSDEEP
  
  6144:Zo8w4a3cq808Rx5j0XYvMRs/ct2WmcReRBu86Xdkdqz:Zpw4QcL1xyWHWmauOEqz
Score

7^/10

persistence upx vmprotect
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceupxvmprotect

behavioral2

persistenceupxvmprotect

© 2018-2025

Terms | Privacy