General

  • Target

    97453f7bb0bd84f470f91968d052d2b1

  • Size

    1.7MB

  • Sample

    240212-qsxrasef9w

  • MD5

    97453f7bb0bd84f470f91968d052d2b1

  • SHA1

    bf1e32d36ff067fbe5ba8df47c7f543b332914cb

  • SHA256

    8fd4019c870ceea75510bcd2c17f85c8aa100fb847e90c17eb466242ec8ab439

  • SHA512

    b35a19827918658ce89fd77cf07a950a5bbe4a86e87ffd8845cf467616467c065aab78d31398d91b359dff1d7dab78bac04e9921900c872365ddf0bef4bcefd4

  • SSDEEP

    49152:cs8KXMq1388ne85809mEJLwEXbWsXwCjf/4RkSiymPUj55:tMG8ce8609mE1bWsX1D/6X0Uj

Score
8/10

Targets

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.
