405793d590867b6319862745f32d4f53a9c6d09510936c28286efdd373742a49 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9bebd821ba5a21a8174f140b0c797e3f
Size

77KB
Sample

240214-rtnqfseb59
MD5

9bebd821ba5a21a8174f140b0c797e3f
SHA1

b85280e76622859a9a893429787ce986ca4f0f56
SHA256

405793d590867b6319862745f32d4f53a9c6d09510936c28286efdd373742a49
SHA512

0237182c541ef0b88b33670cb3546ee264b7a22fffc7c99d42696152d7554de11d1d6caf44af744e44249ea7bc305604f66a9bccf9eb3beedcc1ab6642ace95f
SSDEEP

1536:IekwBFXgX4NaUb1WATSgdcO7ZEGFzydg/VFM8gwmBmgcDKwc:I0gX40U8eSewGUdg/VJgVBmtD

Score

8^/10

persistence vmprotect

Malware Config

Targets

- Target
  
  9bebd821ba5a21a8174f140b0c797e3f
- Size
  
  77KB
- MD5
  
  9bebd821ba5a21a8174f140b0c797e3f
- SHA1
  
  b85280e76622859a9a893429787ce986ca4f0f56
- SHA256
  
  405793d590867b6319862745f32d4f53a9c6d09510936c28286efdd373742a49
- SHA512
  
  0237182c541ef0b88b33670cb3546ee264b7a22fffc7c99d42696152d7554de11d1d6caf44af744e44249ea7bc305604f66a9bccf9eb3beedcc1ab6642ace95f
- SSDEEP
  
  1536:IekwBFXgX4NaUb1WATSgdcO7ZEGFzydg/VFM8gwmBmgcDKwc:I0gX40U8eSewGUdg/VJgVBmtD
Score

8^/10

persistence vmprotect
- Modifies AppInit DLL entries
  persistence
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencevmprotect

behavioral2

persistencevmprotect