General

  • Target

    Mocha.exe

  • Size

    5.6MB

  • Sample

    240519-gcsb7sch96

  • MD5

    47fbee8d4ab9789ef882e4a52f07de38

  • SHA1

    1bfc6c517a1597be0dac8865e7c2d1ed72627cdd

  • SHA256

    3e2ffa61e49e010eaed06f313e1b3c9f23a0e9da9c4adf8a2d6a04ce97d0914e

  • SHA512

    5230828b27b3cb88b7a156ba20adba794709e05c3ddd238027291a36518ae0935b0835cc89998923c89b30b348eb6e3eb0d46b734d7b273120580f585ac56de9

  • SSDEEP

    98304:JA+RMC7hN3l8EJAgNjFuOE5CM/YIR8c61qZsf2R8YniYMdLtw:m+mqNeEJXjsH5Yq8c61sR8yiY

Score
7/10

Targets

    • Target

      Mocha.exe

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
