General

  • Target

    Loader.rar

  • Size

    893KB

  • Sample

    240807-2gr78aygnh

  • MD5

    93858e61dcb23d02adfd7709f9cee0a1

  • SHA1

    f8863137bd6ee3c72f5b52f3ae4967da522da951

  • SHA256

    a6a3b5243f802a63b2919c016e0ecd50d446cce0b5b1cb52e04104962fe412d8

  • SHA512

    f34f7ad76b9d858d0a997ee6bf198706fbb1771836a33bca2060c6c975be1d05b51ecf0494cbd010426fe19bd3e0428013073fd72fc6ba510c62a36bd820706b

  • SSDEEP

    24576:D+Q7wYCYsaG8wbB6nhymkKAWNUTonot05G6vdiu1r+:DMYqjqAWaTB006v5A

Score
8/10

Malware Config

Targets

    • Target

      VMProtectSDK64.dll

    • Size

      129KB

    • MD5

      1d1e93903fd693b293c8181c513d6eca

    • SHA1

      1a7964562c30c1d99b6e1869a17fc0f01da7227e

    • SHA256

      0ba63caee55664d487b83da25cb95ae0754c64c26b38716fa69e49bb9a6b655c

    • SHA512

      e69c6191d10f78edae2d1745444e26e74d05dda62651994a2a748777532aecba55b324a697a2674eb902095c5a2a04da9dc3ccb81b80b97f3410a0fa2c801b5f

    • SSDEEP

      3072:AmcqYHq7Aiytzg2ScpvgJcG5sqYX6UgHHlBSV/J:J0Hq7AiyegZgJZSXYnHyh

    Score
    1/10

    • Target

      backend.dll

    • Size

      717KB

    • MD5

      1f2cc0b1521e6227ba2694c992db36bf

    • SHA1

      271a2168cf0b470e322657b30e78cea7089491d9

    • SHA256

      48a87346fdb1bb26567dfbef82ae7e38032fd32b15344d080e8a97bb0455ba0b

    • SHA512

      5d330b94096a98fce06fb4a65d0f497cacdb7c13838b0a737a59c83e71c8ea2441cebf922b4e539ad1ce1954e03da26cdf52475d637060523aad7ffe963ca1ff

    • SSDEEP

      12288:L0ak2+olFra2fGwtrAxp0N7veDIrRzKb+rDTdjvcyO:L0ak2+olFra2fGwtrAD0htrRz2ODN0

    Score
    1/10

    • Target

      build.exe

    • Size

      1.4MB

    • MD5

      880a033c8dd4cdfebf6e2a00ff18325d

    • SHA1

      7bbc1abb09a4f4011c44b70680ae64217f44fff1

    • SHA256

      528069558c93953a41fd1a1f6c1f10651555dfeebb3e36a7a8646fec2a396e5a

    • SHA512

      bfb8ac23ec54810e7c5a82de8172c934ee97c597e43665d85cf2e6d77fee3a557ed9ffccb289461de8e325a94ca33740804713c61dc9aecd5dd345e917986d0d

    • SSDEEP

      24576:wzJnIwl1Hsv2BZ9JnMKKQZiXDeOPaW4C30Wemex2ze+9SpPLn7J0:wNdsv2dJnMQ0mPe

    Score
    8/10

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks