General
-
Target
b386b1613ff6ee760cb15d37898c4581f3e87bb6ea3b9b4cf496d812dc772167
-
Size
6.9MB
-
Sample
240424-yr2ymage7v
-
MD5
645a70bf5b9855af7f9b44fcb2472082
-
SHA1
9cf4c9ebb17f0787b5932c29584aac5f1af042dc
-
SHA256
b386b1613ff6ee760cb15d37898c4581f3e87bb6ea3b9b4cf496d812dc772167
-
SHA512
13866afc4751f2ec32d976a455138a044af8eae0a590affe9470a9b68b2a786895a498a3637fa2f7de503611915bf4080d24a5662a59b77b62790b6a6b959b27
-
SSDEEP
196608:jtMYDwGWptsQo50Rn3AMB9hCp8CDsB8aZjcC73FG:j7DJ+tsQoJM7hCOCDsB8aZjcC7VG
Behavioral task
behavioral1
Sample
b386b1613ff6ee760cb15d37898c4581f3e87bb6ea3b9b4cf496d812dc772167.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b386b1613ff6ee760cb15d37898c4581f3e87bb6ea3b9b4cf496d812dc772167.dll
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
b386b1613ff6ee760cb15d37898c4581f3e87bb6ea3b9b4cf496d812dc772167
-
Score
9/10
-
Detects executables packed with VMProtect.
-
Blocklisted process makes network request
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-