f1c8aa3fcb7d27a2d7f5645de0713803c181408c082a67c6ac24f7c3b76d3117 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

ntmssvc.dll

windows7-x64

7

ntmssvc.dll

windows10-2004-x64

7

Resubmissions

12-06-2024 20:59

240612-zs4dhszemh 7

12-06-2024 20:51

240612-znh7satdkm 7

12-06-2024 20:47

240612-zkx7jatclk 7

Sharing

General

Target

ntmssvc.dll
Size

5.3MB
Sample

240612-zkx7jatclk
MD5

6588b099f03fc61bca79b987cfbcd897
SHA1

f3e30967ad67ef220512552dde22179c2b4af82e
SHA256

f1c8aa3fcb7d27a2d7f5645de0713803c181408c082a67c6ac24f7c3b76d3117
SHA512

3d842b58ea4df039e8d8311293421babe4bfb015159a7400ee8a19ee373a321d87e489c2fbd02fa8282d879d75fb8da50c9f9f912d31487706979134413545a4
SSDEEP

98304:p/PzxVvzRLIvECcaIj3Q9QL3dGVL7xaEY8jCZeKgq841zEdlUP9gu0IVDPS6kszs:B1VVOW3QSL3dGVlCgquIP9gHamzlX0c

Score

7^/10

vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ntmssvc.dll

Resource

win7-20240419-en

windows7-x64

3 signatures

60 seconds

Behavioral task

behavioral2

Sample

ntmssvc.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

3 signatures

60 seconds

Malware Config

Targets

- Target
  
  ntmssvc.dll
- Size
  
  5.3MB
- MD5
  
  6588b099f03fc61bca79b987cfbcd897
- SHA1
  
  f3e30967ad67ef220512552dde22179c2b4af82e
- SHA256
  
  f1c8aa3fcb7d27a2d7f5645de0713803c181408c082a67c6ac24f7c3b76d3117
- SHA512
  
  3d842b58ea4df039e8d8311293421babe4bfb015159a7400ee8a19ee373a321d87e489c2fbd02fa8282d879d75fb8da50c9f9f912d31487706979134413545a4
- SSDEEP
  
  98304:p/PzxVvzRLIvECcaIj3Q9QL3dGVL7xaEY8jCZeKgq841zEdlUP9gu0IVDPS6kszs:B1VVOW3QSL3dGVlCgquIP9gHamzlX0c
Score

7^/10

vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy