General

  • Target

    dc6d8ff07cb07178704b1a74684f5900cb38905ae68c0db4a3011e1c03b76a0e.exe

  • Size

    572KB

  • Sample

    240519-cl1mqadb3y

  • MD5

    467379b5ca075539e04219d73d43d11d

  • SHA1

    452a34bf81afe06df7d960554e3dc05ba650058d

  • SHA256

    dc6d8ff07cb07178704b1a74684f5900cb38905ae68c0db4a3011e1c03b76a0e

  • SHA512

    2511d99e22e1e9194f9a07d4190abddfd5095879eb68593095f08445a281acf8bd4d538a3ce94afb9d4b0116a545fa51334c860b6ab14512dae84b6aaca27cc7

  • SSDEEP

    12288:K8AJRvlgwO7RVPFRS8dFdJxeJSVZB86ds4YojpgYWAK6GGkWD8o/Oo/L:KG15nIQm6drYopg3J6GGioGoz

Score
10/10

Targets

    • Target

      dc6d8ff07cb07178704b1a74684f5900cb38905ae68c0db4a3011e1c03b76a0e.exe

    Score
    9/10
    • Detects executables packed with VMProtect.

    • UPX dump on OEP (original entry point)

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
