Overview

overview

7

Static

static

7

VЕGАS Prо.exe

windows10-2004-x64

7

VЕGАS Prо.exe

windows11-21h2-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    VЕGАS Prо.exe

  • Size

    101.7MB

  • Sample

    240611-ghqessxcql

  • MD5

    cd5df5f6e86bdd5408d11b6204053c21

  • SHA1

    ea20629b9db077aa6bfe46e16bd22bfdc580d380

  • SHA256

    56f44707456eb8cfd4d7ab6c63c62015515a4a6154ff5e92e92e576b133003d1

  • SHA512

    bf57afe5f6aa6a4affb3bb0a805399eda06d07e170a1d09804cf9b190f53a81d14bea07e421d0991c514e22af3a55077d3d8bf2eb5b7f12b7ad2725c9778448c

  • SSDEEP

    1572864:GRWWlH8DHsD6tzKii6a3/1pY1rSVhFIYUT/zdylJMos/hhQ147FyixHX0w:GwHO53DTFIYUTZyl5ohQrMj

Score
7/10
agilenet

Malware Config

Targets

    • Target

      VЕGАS Prо.exe

    • Size

      101.7MB

    • MD5

      cd5df5f6e86bdd5408d11b6204053c21

    • SHA1

      ea20629b9db077aa6bfe46e16bd22bfdc580d380

    • SHA256

      56f44707456eb8cfd4d7ab6c63c62015515a4a6154ff5e92e92e576b133003d1

    • SHA512

      bf57afe5f6aa6a4affb3bb0a805399eda06d07e170a1d09804cf9b190f53a81d14bea07e421d0991c514e22af3a55077d3d8bf2eb5b7f12b7ad2725c9778448c

    • SSDEEP

      1572864:GRWWlH8DHsD6tzKii6a3/1pY1rSVhFIYUT/zdylJMos/hhQ147FyixHX0w:GwHO53DTFIYUTZyl5ohQrMj

    Score
    7/10
    agilenet

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

      agilenet
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks