General
-
Target
6ce2dd44af698342d0f4afdb2ac98bde.bin
-
Size
3.0MB
-
Sample
240726-cjyqcazcjk
-
MD5
6ce2dd44af698342d0f4afdb2ac98bde
-
SHA1
a3ec89d5554106a44da1b8031ebd392bb45f604e
-
SHA256
af65ccab4775f2f089c7bb81185b2913c250e730ff4825f644468f9120a3840f
-
SHA512
1a1d90f4dfd18b3a63ae8bee8a09399ffe8f27cbb8878b03278490be91bc2640ff6ab9783d8d9c99d200cd5d1eeb818d7e807b870a08270e3765ef08d60a76e2
-
SSDEEP
49152:3nB567vTZhkF3uDWUQG1+HPT7REpTlqs0n5IKQPMLQgaG17wNR0YbWAb/Eb667RY:G77ZhkwDWUJW/AQs0aKkgaGUNSYbWCsU
Malware Config
Targets
-
-
Target
6ce2dd44af698342d0f4afdb2ac98bde.bin
-
Size
3.0MB
-
MD5
6ce2dd44af698342d0f4afdb2ac98bde
-
SHA1
a3ec89d5554106a44da1b8031ebd392bb45f604e
-
SHA256
af65ccab4775f2f089c7bb81185b2913c250e730ff4825f644468f9120a3840f
-
SHA512
1a1d90f4dfd18b3a63ae8bee8a09399ffe8f27cbb8878b03278490be91bc2640ff6ab9783d8d9c99d200cd5d1eeb818d7e807b870a08270e3765ef08d60a76e2
-
SSDEEP
49152:3nB567vTZhkF3uDWUQG1+HPT7REpTlqs0n5IKQPMLQgaG17wNR0YbWAb/Eb667RY:G77ZhkwDWUJW/AQs0aKkgaGUNSYbWCsU
Score8/10-
Drops file in Drivers directory
-
Executes dropped EXE
-
Loads dropped DLL
-
VMProtect packed file
Detects executables packed with VMProtect commercial packer.
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-