Overview

overview

7

Static

static

7

db32767f10...bb.exe

windows7-x64

7

db32767f10...bb.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    db32767f105660ab2a215c44ee942577bf84ef55147043c522c89cb441f197bb

  • Size

    381KB

  • Sample

    240809-rh9tjs1gjl

  • MD5

    9e410144ea9d1f61fd49dc9a802ec84b

  • SHA1

    e41e7b5efe43cc00443589167acdf24befe21d6d

  • SHA256

    db32767f105660ab2a215c44ee942577bf84ef55147043c522c89cb441f197bb

  • SHA512

    6154a0cae3435601b5f2af749d3c071727924ebcde1d6f3068b1f1dcef87425a62a77a77a1ed38e6112b8e38f5b2e4b64d557f0c759640d29e674ac1b806204c

  • SSDEEP

    6144:VciT6/C9pldDxUgTcQXISj/KlHL5b8dybywyqNBsxE+SdPbtNYaZlLBeJV:jMC9L/P4E2Kyb3sxE++PbzlLBeJV

Score
7/10
discoveryvmprotect

Malware Config

Targets

    • Target

      db32767f105660ab2a215c44ee942577bf84ef55147043c522c89cb441f197bb

    • Size

      381KB

    • MD5

      9e410144ea9d1f61fd49dc9a802ec84b

    • SHA1

      e41e7b5efe43cc00443589167acdf24befe21d6d

    • SHA256

      db32767f105660ab2a215c44ee942577bf84ef55147043c522c89cb441f197bb

    • SHA512

      6154a0cae3435601b5f2af749d3c071727924ebcde1d6f3068b1f1dcef87425a62a77a77a1ed38e6112b8e38f5b2e4b64d557f0c759640d29e674ac1b806204c

    • SSDEEP

      6144:VciT6/C9pldDxUgTcQXISj/KlHL5b8dybywyqNBsxE+SdPbtNYaZlLBeJV:jMC9L/P4E2Kyb3sxE++PbzlLBeJV

    Score
    7/10
    discoveryvmprotect

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks