2c7b219b88db48d004789b4bf56a37dc60885d332610251dd1db65b2ec315ca2 | Triage

Submit
Reports

Overview

overview

8

Static

static

7

F.Agent.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

F.Agent.exe
Size

5.1MB
Sample

240313-rghnnsge28
MD5

8eb94c987e5a95fcfd3d26bb78059b6d
SHA1

b7180f0effac43a988e6a9651efb178ed75fdfb6
SHA256

2c7b219b88db48d004789b4bf56a37dc60885d332610251dd1db65b2ec315ca2
SHA512

eaacc9aa6101f7d28cab406ef7da3a80777b270ede21136eb72d991b887ae79dc62468e7ebce3a3a28e6af36a841a2d3acf2cfbf085ba592e3afecc1b4626d54
SSDEEP

98304:AVlOeta9YSH61kNawcDD0cA7oVLCkwr2AALL8yWHfbcvBQ7KBfML:LBeSH6yNcDD0FD4xLL8yWHfbcQ7KBfML

Score

8^/10

vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

F.Agent.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

8 signatures

1200 seconds

Malware Config

Targets

- Target
  
  F.Agent.exe
- Size
  
  5.1MB
- MD5
  
  8eb94c987e5a95fcfd3d26bb78059b6d
- SHA1
  
  b7180f0effac43a988e6a9651efb178ed75fdfb6
- SHA256
  
  2c7b219b88db48d004789b4bf56a37dc60885d332610251dd1db65b2ec315ca2
- SHA512
  
  eaacc9aa6101f7d28cab406ef7da3a80777b270ede21136eb72d991b887ae79dc62468e7ebce3a3a28e6af36a841a2d3acf2cfbf085ba592e3afecc1b4626d54
- SSDEEP
  
  98304:AVlOeta9YSH61kNawcDD0cA7oVLCkwr2AALL8yWHfbcvBQ7KBfML:LBeSH6yNcDD0FD4xLL8yWHfbcQ7KBfML
Score

8^/10

vmprotect
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy