Overview

overview

8

Static

static

3

Loader.vmp.exe

windows10-2004-x64

8

Resubmissions

03/07/2024, 19:35

240703-yax84svbnq 8

03/07/2024, 19:34

240703-yacx6svblq 8

03/07/2024, 19:31

240703-x8r93swdna 8

Sharing

Copy URL Twitter E-mail

General

  • Target

    Loader.vmp.exe

  • Size

    6.2MB

  • Sample

    240703-yax84svbnq

  • MD5

    02012895dc6453c774d21a4043cae96c

  • SHA1

    f1c1d01805c6503cd3f21879566c1156cf9a8b8a

  • SHA256

    780d59c53dc2ebe8ec84af5536870515e057a98c66e4b44f09d8bf7369e9df49

  • SHA512

    7a656b71a17f57d77770a3fc97dac5b02ae5dd4c78211a0a72b98c087ee2be7512f0b943dea544175916bf81e76f6584240615b314db48993d1d278c57fb1e47

  • SSDEEP

    196608:DQZrLRsJzG6sMhX0nKyZXsC6C0eK9LXxEf:DcDnKySpjXxS

Score
8/10
evasionexecutionpersistence

Malware Config

Targets

    • Target

      Loader.vmp.exe

    • Size

      6.2MB

    • MD5

      02012895dc6453c774d21a4043cae96c

    • SHA1

      f1c1d01805c6503cd3f21879566c1156cf9a8b8a

    • SHA256

      780d59c53dc2ebe8ec84af5536870515e057a98c66e4b44f09d8bf7369e9df49

    • SHA512

      7a656b71a17f57d77770a3fc97dac5b02ae5dd4c78211a0a72b98c087ee2be7512f0b943dea544175916bf81e76f6584240615b314db48993d1d278c57fb1e47

    • SSDEEP

      196608:DQZrLRsJzG6sMhX0nKyZXsC6C0eK9LXxEf:DcDnKySpjXxS

    Score
    8/10
    evasionexecutionpersistence

    • Drops file in Drivers directory

    • Sets service image path in registry

      persistence

    • Stops running service(s)

      evasionexecution

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks