General

  • Target

    Atomic.exe

  • Size

    5.5MB

  • Sample

    240520-bk36sada8y

  • MD5

    33761f9d4f3e3370e2fd3d765d73e972

  • SHA1

    c3108445737936c08db84707a9634b2353e45b97

  • SHA256

    29bc22a8145c11a8dc23684b45ef9616ba5b8b8bee1a10c1b90e31884c149a9e

  • SHA512

    f147b164802ee1cb4e66674b7d8a0d94716f55a9b04740f7e73fe30c156761cf5192de439ab3890423d6c37e9a61f20781ff92fca8948300c295e22dc893eaec

  • SSDEEP

    98304:nLdy7EZLpH/coQ0O8VeXWsSCPvoY7kOvRCS5CaQKHS+V8tR2eN+tFJG2wh/aSjtE:LdyALhkoQ0uXW3CXiOP53yS8e/MT5aSW

Targets

    • Target

      Atomic.exe

    • Stops running service(s)

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
