64706688105210a3c3d265aceb11475e38bc1f35ffcd72a8d38bacc0806653eb | Triage

Submit
Reports

Overview

overview

7

Static

static

7

krampus.exe

windows7-x64

7

krampus.exe

windows10-2004-x64

7

krampus.exe

macos-10.15-amd64

4

Sharing

General

Target

krampus.exe
Size

5.6MB
Sample

240811-asjxfawcqm
MD5

e3f7cfc15aecea1f817fd9e1c91b2b33
SHA1

4427bc42173e964762c4f003628502ec601d45c0
SHA256

64706688105210a3c3d265aceb11475e38bc1f35ffcd72a8d38bacc0806653eb
SHA512

ed233e15a3d3947feb95c388355d7a8b05a06b2c74997b80dba331facf991f57ae252976a2465bec74c13075d06fa5cdc1930ee8e87da830e6bd1821f8eb2733
SSDEEP

98304:R4UGDPt5D8brm4+Bo4M4du9I0y1ZKnnyZhK9iYRiBSqXGijc/Elh:R4/PD8m4IAOsI0fyiwS/iYsh

Score

7^/10

discovery evasion macos vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

krampus.exe

Resource

win7-20240704-en

discovery vmprotect

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

krampus.exe

Resource

win10v2004-20240802-en

discovery vmprotect

windows10-2004-x64

12 signatures

150 seconds

Behavioral task

behavioral3

Sample

krampus.exe

Resource

macos-20240711.1-en

macos-10.15-amd64

1 signatures

150 seconds

Malware Config

Targets

- Target
  
  krampus.exe
- Size
  
  5.6MB
- MD5
  
  e3f7cfc15aecea1f817fd9e1c91b2b33
- SHA1
  
  4427bc42173e964762c4f003628502ec601d45c0
- SHA256
  
  64706688105210a3c3d265aceb11475e38bc1f35ffcd72a8d38bacc0806653eb
- SHA512
  
  ed233e15a3d3947feb95c388355d7a8b05a06b2c74997b80dba331facf991f57ae252976a2465bec74c13075d06fa5cdc1930ee8e87da830e6bd1821f8eb2733
- SSDEEP
  
  98304:R4UGDPt5D8brm4+Bo4M4du9I0y1ZKnnyZhK9iYRiBSqXGijc/Elh:R4/PD8m4IAOsI0fyiwS/iYsh
Score

7^/10

discovery vmprotect evasion
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Resource Forking

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryvmprotect

behavioral2

discoveryvmprotect

behavioral3

© 2018-2025

Terms | Privacy