General

  • Target

    XqeosvmvOM.exe

  • Size

    22.8MB

  • Sample

    240524-r7thvsaa59

  • MD5

    257afe5adb6d820914820f2f34263dc8

  • SHA1

    ab292842fee5e5031ed0d04140b624b81be1ee8e

  • SHA256

    1bc4b52e734e78fd92042ff55f58c03735b7fff3eb7bfed5611655d71654a25d

  • SHA512

    02b1cd08fce41fc59f177f555665551cd8726c679f6a9097a62e929a6a22e15296bdc8b6b7a0712aa635e9b503e236c8f323bfbaefc81e3310e2f773374de52f

  • SSDEEP

    393216:gvctGrxsatYfdIEy7mdFawPxZa+HeMqAuRV5ijdHeqr8r6RbYLL/wXvnrlDGnz:gggxMfdIP7mOwbxVQV4dz8r6RbIL/wXm

Score
6/10

Malware Config

Targets

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15
