Overview

overview

7

Static

static

7

test.exe

windows7-x64

7

test.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    test.exe

  • Size

    5.0MB

  • Sample

    240424-xxl9paff4z

  • MD5

    e9a24c7a42f9b296cc1e31dc3ea73b2b

  • SHA1

    06e9607fb973400f0f110854ce90382965cd43d9

  • SHA256

    03ee5437a1dad818f417db18dd50e16bc08c890b442874d841cd1a6a643c4010

  • SHA512

    48af794e0042ce3cea37ff11e3f9b74d0a8e463018fc827d7ef459cc58252a5f436632c19b5d4674a6b54f02543005a294ef94f86d46d1ecff574ba6fab0464b

  • SSDEEP

    98304:XrdCegVSGMzByLXMfivQayGnOht5RTc7kjRX1LNNDw7:waGMlyLXvvQdmmt5RTcGzLNe7

Score
7/10
vmprotect

Malware Config

Targets

    • Target

      test.exe

    • Size

      5.0MB

    • MD5

      e9a24c7a42f9b296cc1e31dc3ea73b2b

    • SHA1

      06e9607fb973400f0f110854ce90382965cd43d9

    • SHA256

      03ee5437a1dad818f417db18dd50e16bc08c890b442874d841cd1a6a643c4010

    • SHA512

      48af794e0042ce3cea37ff11e3f9b74d0a8e463018fc827d7ef459cc58252a5f436632c19b5d4674a6b54f02543005a294ef94f86d46d1ecff574ba6fab0464b

    • SSDEEP

      98304:XrdCegVSGMzByLXMfivQayGnOht5RTc7kjRX1LNNDw7:waGMlyLXvvQdmmt5RTcGzLNe7

    Score
    7/10
    vmprotect

    • Executes dropped EXE

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

1
T1059

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Remote System Discovery

1
T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks