Overview

overview

10

Static

static

10

b386b1613f...67.dll

windows7-x64

9

b386b1613f...67.dll

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b386b1613ff6ee760cb15d37898c4581f3e87bb6ea3b9b4cf496d812dc772167

  • Size

    6.9MB

  • Sample

    240424-yr2ymage7v

  • MD5

    645a70bf5b9855af7f9b44fcb2472082

  • SHA1

    9cf4c9ebb17f0787b5932c29584aac5f1af042dc

  • SHA256

    b386b1613ff6ee760cb15d37898c4581f3e87bb6ea3b9b4cf496d812dc772167

  • SHA512

    13866afc4751f2ec32d976a455138a044af8eae0a590affe9470a9b68b2a786895a498a3637fa2f7de503611915bf4080d24a5662a59b77b62790b6a6b959b27

  • SSDEEP

    196608:jtMYDwGWptsQo50Rn3AMB9hCp8CDsB8aZjcC73FG:j7DJ+tsQoJM7hCOCDsB8aZjcC7VG

Score
10/10
vmprotect

Malware Config

Targets

    • Target

      b386b1613ff6ee760cb15d37898c4581f3e87bb6ea3b9b4cf496d812dc772167

    • Size

      6.9MB

    • MD5

      645a70bf5b9855af7f9b44fcb2472082

    • SHA1

      9cf4c9ebb17f0787b5932c29584aac5f1af042dc

    • SHA256

      b386b1613ff6ee760cb15d37898c4581f3e87bb6ea3b9b4cf496d812dc772167

    • SHA512

      13866afc4751f2ec32d976a455138a044af8eae0a590affe9470a9b68b2a786895a498a3637fa2f7de503611915bf4080d24a5662a59b77b62790b6a6b959b27

    • SSDEEP

      196608:jtMYDwGWptsQo50Rn3AMB9hCp8CDsB8aZjcC73FG:j7DJ+tsQoJM7hCOCDsB8aZjcC7VG

    Score
    9/10
    vmprotect

    • Detects executables packed with VMProtect.

    • Blocklisted process makes network request

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks