Overview

overview

10

Static

static

7

File.exe.zip

windows7-x64

1

File.exe.zip

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    File.exe.zip

  • Size

    6.5MB

  • Sample

    240522-sl5vfafe6s

  • MD5

    ec2fc61bb39bf11c5e81177b5be7d77b

  • SHA1

    d5fe4286c618fb75729928109b43982b10552b36

  • SHA256

    0f567b317592e4b0738e342d40d37f3ea6ff1c856fbc8ce64f74cb4d33016707

  • SHA512

    2eef69529df2d2997a0348040f0b84ecd1d7489f4410138e42dbed08632158453493fdefe43959f3ae48e6af18ca77bde9093ae5b5e9580461a33aaffa804c92

  • SSDEEP

    196608:p4eG8Sp8m8ZLxQFS8CcqWstCF1QcSGGl7Hzty+OMN:p4eG6xWIwsQDvPGlvtypMN

Score
10/10
privateloaderloadervmprotect

Malware Config

Targets

    • Target

      File.exe.zip

    • Size

      6.5MB

    • MD5

      ec2fc61bb39bf11c5e81177b5be7d77b

    • SHA1

      d5fe4286c618fb75729928109b43982b10552b36

    • SHA256

      0f567b317592e4b0738e342d40d37f3ea6ff1c856fbc8ce64f74cb4d33016707

    • SHA512

      2eef69529df2d2997a0348040f0b84ecd1d7489f4410138e42dbed08632158453493fdefe43959f3ae48e6af18ca77bde9093ae5b5e9580461a33aaffa804c92

    • SSDEEP

      196608:p4eG8Sp8m8ZLxQFS8CcqWstCF1QcSGGl7Hzty+OMN:p4eG6xWIwsQDvPGlvtypMN

    Score
    10/10
    privateloaderloadervmprotect

    • PrivateLoader

      PrivateLoader is a downloader sold as a pay-per-install malware distribution service.

      loaderprivateloader

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks