02567d52bc17b38a27b1cdc356055e26d2f37c2babf042ac39e1e8116b11bc5e | Triage

Submit
Reports

Overview

overview

8

Static

static

3

8f0f1baa15...18.exe

windows7-x64

8f0f1baa15...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

8f0f1baa156321219a6097ab8ce27018
Size

217KB
Sample

240204-nsc1saafaj
MD5

8f0f1baa156321219a6097ab8ce27018
SHA1

99a0592b0d565356c19aac195910836967e8b76d
SHA256

02567d52bc17b38a27b1cdc356055e26d2f37c2babf042ac39e1e8116b11bc5e
SHA512

675d9f88220911d8fcc9ee4af9a13de38a426766de3f99f90138741442be2a1cbed08d2c5c0082310149fa01e01039a645a9653df207c75c6bf6559f1febed6a
SSDEEP

6144:qO9hsFv8HhMEpuXWzuzJH/GQfAN3QGseB3r:qOvgvqk4QfyseB3r

Score

8^/10

persistence vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8f0f1baa156321219a6097ab8ce27018.exe

Resource

win7-20231129-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

8f0f1baa156321219a6097ab8ce27018.exe

Resource

win10v2004-20231215-en

persistence vmprotect

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  8f0f1baa156321219a6097ab8ce27018
- Size
  
  217KB
- MD5
  
  8f0f1baa156321219a6097ab8ce27018
- SHA1
  
  99a0592b0d565356c19aac195910836967e8b76d
- SHA256
  
  02567d52bc17b38a27b1cdc356055e26d2f37c2babf042ac39e1e8116b11bc5e
- SHA512
  
  675d9f88220911d8fcc9ee4af9a13de38a426766de3f99f90138741442be2a1cbed08d2c5c0082310149fa01e01039a645a9653df207c75c6bf6559f1febed6a
- SSDEEP
  
  6144:qO9hsFv8HhMEpuXWzuzJH/GQfAN3QGseB3r:qOvgvqk4QfyseB3r
Score

8^/10

persistence vmprotect
- Sets DLL path for service in the registry
  persistence
- Loads dropped DLL
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

persistencevmprotect

© 2018-2025

Terms | Privacy