Overview

overview

7

Static

static

7

102cbba7ba...80.exe

windows7-x64

7

102cbba7ba...80.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    102cbba7baf7cdde15b1f5c5ba4cd9b5e6de61ad7bfee0d29219013e775e5580

  • Size

    11.5MB

  • Sample

    240524-hppbraha55

  • MD5

    dee7ca143985f130cc16af67d63e04f1

  • SHA1

    aee3303e5b6af100a902552ab3c30f6701ad25b6

  • SHA256

    102cbba7baf7cdde15b1f5c5ba4cd9b5e6de61ad7bfee0d29219013e775e5580

  • SHA512

    1df206c812e86e283bf3943b4a45078fa5ea0c09a5ae6af2e1285bcbc4624726b5ed757921b4150b70dc1dc5afde7da410979373a4ce2c1845db9316bbcd313e

  • SSDEEP

    196608:LhDwHaI3xrtbsG/Vq/nY/wtEDNEVPSlinmhSw7Wr89BtJaMW3ESsfwGcbTXbtn:LhDqV3xK+E/Y7ZgPmVwkY77bTX

Score
7/10
vmprotect

Malware Config

Targets

    • Target

      102cbba7baf7cdde15b1f5c5ba4cd9b5e6de61ad7bfee0d29219013e775e5580

    • Size

      11.5MB

    • MD5

      dee7ca143985f130cc16af67d63e04f1

    • SHA1

      aee3303e5b6af100a902552ab3c30f6701ad25b6

    • SHA256

      102cbba7baf7cdde15b1f5c5ba4cd9b5e6de61ad7bfee0d29219013e775e5580

    • SHA512

      1df206c812e86e283bf3943b4a45078fa5ea0c09a5ae6af2e1285bcbc4624726b5ed757921b4150b70dc1dc5afde7da410979373a4ce2c1845db9316bbcd313e

    • SSDEEP

      196608:LhDwHaI3xrtbsG/Vq/nY/wtEDNEVPSlinmhSw7Wr89BtJaMW3ESsfwGcbTXbtn:LhDqV3xK+E/Y7ZgPmVwkY77bTX

    Score
    7/10
    vmprotect

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks