Overview

overview

8

Static

static

3

WalkSim.dll

windows7-x64

8

WalkSim.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    WalkSim.dll

  • Size

    135KB

  • Sample

    240425-yk84csea2t

  • MD5

    68c840830c22111e7e05dbc7a8f400f6

  • SHA1

    e624900860a73cb9c704a8c4b51568b0178ac875

  • SHA256

    73f99bad125491111d1821b38d9fb49de0a10c38a8c950e384d3f7ee18f02603

  • SHA512

    a894ff1b3e5794e53ca450886ccce99d46d8d2f9e98bb7a001a63ff429774529b716ac489f33fa34720a2710653389a182de7181cd8b77e3a2f2001042c69b80

  • SSDEEP

    3072:fK+IyPGahH/dfJ/NV8jM0R5WScidv0UZ4te9Doah:o6N/v1V8j/GScQsk4te9Do

Score
8/10
vmprotect

Malware Config

Targets

    • Target

      WalkSim.dll

    • Size

      135KB

    • MD5

      68c840830c22111e7e05dbc7a8f400f6

    • SHA1

      e624900860a73cb9c704a8c4b51568b0178ac875

    • SHA256

      73f99bad125491111d1821b38d9fb49de0a10c38a8c950e384d3f7ee18f02603

    • SHA512

      a894ff1b3e5794e53ca450886ccce99d46d8d2f9e98bb7a001a63ff429774529b716ac489f33fa34720a2710653389a182de7181cd8b77e3a2f2001042c69b80

    • SSDEEP

      3072:fK+IyPGahH/dfJ/NV8jM0R5WScidv0UZ4te9Doah:o6N/v1V8j/GScQsk4te9Do

    Score
    8/10
    vmprotect

    • Downloads MZ/PE file

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks