General

  • Target

    cba1a8b79311cf2c0a397c68667696b9

  • Size

    8.4MB

  • Sample

    240315-rncq1aaf41

  • MD5

    cba1a8b79311cf2c0a397c68667696b9

  • SHA1

    0b3398060a90c32b89cffe51c3cf4630077a9fc9

  • SHA256

    e07109726989200479a24c27ee21166962239d904e202d5bb6396cc50222fc74

  • SHA512

    66fac82d4bf6d4b6440bc5c54bf1f7c2a3849752f20e2684134c20b554c08ab521609d801ff166302779a892d8e9c62637c70ff7c83ea3453d3288fabd04bb90

  • SSDEEP

    196608:C2QYLD4C9jsHAwGR3XfUhSS1CZt8HXHYHa8bajYVb:VHP9jUGR/UtQZtuoHYMVb

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.
