Overview

overview

7

Static

static

7

5e8b20a2bd...4d.exe

windows7-x64

7

5e8b20a2bd...4d.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5e8b20a2bd0af6d9e159f924984400018f8d648cd28d8e136117f8e34bc67a4d

  • Size

    3.2MB

  • Sample

    240823-gb1xysxfrg

  • MD5

    2aab67f82d7a54a722e1d059fd3491cd

  • SHA1

    4a5222daf2a83af17c1f7341a3808b9ea07df64e

  • SHA256

    5e8b20a2bd0af6d9e159f924984400018f8d648cd28d8e136117f8e34bc67a4d

  • SHA512

    d5d5ea6229110ec9e8a660aa42e6a0d464917af58160309ff541d4f7bc91fb8568d2a896d72e2392eda06dede17fa848f228a7148251a303c6c473e29c794d0d

  • SSDEEP

    98304:+G1t40FeZQ4vU5/H08aj/VqLuN2dHdFTaGoMD24vmZyUMY9Nr2LNld:+G1t3oZQ4vU5/H08aj/VqLuN2dHdFTag

Score
7/10
discoveryvmprotect

Malware Config

Targets

    • Target

      5e8b20a2bd0af6d9e159f924984400018f8d648cd28d8e136117f8e34bc67a4d

    • Size

      3.2MB

    • MD5

      2aab67f82d7a54a722e1d059fd3491cd

    • SHA1

      4a5222daf2a83af17c1f7341a3808b9ea07df64e

    • SHA256

      5e8b20a2bd0af6d9e159f924984400018f8d648cd28d8e136117f8e34bc67a4d

    • SHA512

      d5d5ea6229110ec9e8a660aa42e6a0d464917af58160309ff541d4f7bc91fb8568d2a896d72e2392eda06dede17fa848f228a7148251a303c6c473e29c794d0d

    • SSDEEP

      98304:+G1t40FeZQ4vU5/H08aj/VqLuN2dHdFTaGoMD24vmZyUMY9Nr2LNld:+G1t3oZQ4vU5/H08aj/VqLuN2dHdFTag

    Score
    7/10
    discoveryvmprotect

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks