Overview

overview

7

Static

static

7

rajatso.exe

windows7-x64

7

rajatso.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    rajatso.exe

  • Size

    6.1MB

  • Sample

    240425-vqsf1sch4x

  • MD5

    e3893c7d47a164a03e65721097e00f25

  • SHA1

    be9d30d635c3196a0ce383b44414eb290b440d59

  • SHA256

    fcb69e56778a17316ace6d8f6721269e2c47e12a79955a6ef288b9ebfc9c3a0e

  • SHA512

    3e68799bf1d6983f635e92fbe800448029ab8312dfa9457d660c541eb839a0348562d4e7916886bff3b25812055fae9a7bc788837a5106e599854cdfad259ce4

  • SSDEEP

    196608:P0epq2eyQCWm9dQHYE/S1oxVDhua1eyEQuZQ:PhauddGHDhuIeyN

Score
7/10
vmprotect

Malware Config

Targets

    • Target

      rajatso.exe

    • Size

      6.1MB

    • MD5

      e3893c7d47a164a03e65721097e00f25

    • SHA1

      be9d30d635c3196a0ce383b44414eb290b440d59

    • SHA256

      fcb69e56778a17316ace6d8f6721269e2c47e12a79955a6ef288b9ebfc9c3a0e

    • SHA512

      3e68799bf1d6983f635e92fbe800448029ab8312dfa9457d660c541eb839a0348562d4e7916886bff3b25812055fae9a7bc788837a5106e599854cdfad259ce4

    • SSDEEP

      196608:P0epq2eyQCWm9dQHYE/S1oxVDhua1eyEQuZQ:PhauddGHDhuIeyN

    Score
    7/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks