Overview

overview

7

Static

static

7

a7a6c8ce86...73.exe

windows7-x64

7

a7a6c8ce86...73.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    a7a6c8ce8650705a2dec218cd5713bc7b52954ce73d10330842ba9c1c3e66f73

  • Size

    1.2MB

  • Sample

    240514-rm9dksaf5x

  • MD5

    8f4f6d1aa9bf713d1519d4a41e06f8cc

  • SHA1

    8e50b6a4ffbbd6c8f82596daa4d3425d27278b5d

  • SHA256

    a7a6c8ce8650705a2dec218cd5713bc7b52954ce73d10330842ba9c1c3e66f73

  • SHA512

    d33d57b1e7791b9ed8171c043bb8c1b20e0fc4a8604e53973983a5afeb95040dc194f960d527bfaed179c10400876ca97dc409bfa00c11f992bf97f7f0ea00b2

  • SSDEEP

    24576:lQ3Uv9DldKagfRYiwyS/akUPougPNtKk7e/8JrJl9si4F:O3s9D7KfpYByS/akUPoH1dJsBF

Score
7/10
vmprotect

Malware Config

Targets

    • Target

      a7a6c8ce8650705a2dec218cd5713bc7b52954ce73d10330842ba9c1c3e66f73

    • Size

      1.2MB

    • MD5

      8f4f6d1aa9bf713d1519d4a41e06f8cc

    • SHA1

      8e50b6a4ffbbd6c8f82596daa4d3425d27278b5d

    • SHA256

      a7a6c8ce8650705a2dec218cd5713bc7b52954ce73d10330842ba9c1c3e66f73

    • SHA512

      d33d57b1e7791b9ed8171c043bb8c1b20e0fc4a8604e53973983a5afeb95040dc194f960d527bfaed179c10400876ca97dc409bfa00c11f992bf97f7f0ea00b2

    • SSDEEP

      24576:lQ3Uv9DldKagfRYiwyS/akUPougPNtKk7e/8JrJl9si4F:O3s9D7KfpYByS/akUPoH1dJsBF

    Score
    7/10
    vmprotect

    • Executes dropped EXE

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks