Overview

overview

7

Static

static

7

Unconfirme...24.zip

windows11-21h2-x64

7

Resubmissions

09-08-2024 01:11

240809-bkehesxfmf 8

09-08-2024 01:07

240809-bg4m5stfjm 8

09-08-2024 01:04

240809-bfazfaxeld 7

09-08-2024 00:52

240809-a7538atcnp 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Unconfirmed 601024.crdownload

  • Size

    8.9MB

  • Sample

    240809-a7538atcnp

  • MD5

    926e6e63f9df75420b7964345fbb84c5

  • SHA1

    d11759590852f2ac94a3f86fb86f2d30e7134a35

  • SHA256

    661324fbbc8c41a7a2c1cb6fa8430ed60bde6d032b871b1a56586948a990e197

  • SHA512

    b48908f397340567df63b337087a5d62d76a962f8860aafb95e0ce54301a87fb95fc22b3df53949fa174e7b3fe264756676e2e8a1b90f490399897e1c80aa440

  • SSDEEP

    196608:98zPw4KF/kop4qGwABiGBaossKiTXgKjo45812OHclQ6/BTcE0JN6ayPim:qwujBURsBTXX811a5oE0JN6LPZ

Score
7/10
discoveryvmprotect

Malware Config

Targets

    • Target

      Unconfirmed 601024.crdownload

    • Size

      8.9MB

    • MD5

      926e6e63f9df75420b7964345fbb84c5

    • SHA1

      d11759590852f2ac94a3f86fb86f2d30e7134a35

    • SHA256

      661324fbbc8c41a7a2c1cb6fa8430ed60bde6d032b871b1a56586948a990e197

    • SHA512

      b48908f397340567df63b337087a5d62d76a962f8860aafb95e0ce54301a87fb95fc22b3df53949fa174e7b3fe264756676e2e8a1b90f490399897e1c80aa440

    • SSDEEP

      196608:98zPw4KF/kop4qGwABiGBaossKiTXgKjo45812OHclQ6/BTcE0JN6ayPim:qwujBURsBTXX811a5oE0JN6LPZ

    Score
    7/10
    discoveryvmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks