Overview

overview

7

Static

static

7

5b9ecb194b...3f.exe

windows7-x64

7

5b9ecb194b...3f.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5b9ecb194b7542803a51584de2570271632209b490ff8ec0879c57d89dca303f

  • Size

    3.6MB

  • Sample

    240901-2ka34stenl

  • MD5

    6c269668da3edd97a1f79aa7b80df238

  • SHA1

    5d072cf10f9251a393ffc5b0322d86510215d52b

  • SHA256

    5b9ecb194b7542803a51584de2570271632209b490ff8ec0879c57d89dca303f

  • SHA512

    f527250cb76d408df0aacbe4ec4bc86a08fb097b512953f00d76ed42cab25b89154f546580483f8e251b3270c3392541352313be8ba3bf792cdc40a2a4549f76

  • SSDEEP

    24576:ZNlaW5n274tWa9speDN1pTG05RwbLR1bIJbKkKF/eMNPj2lpJJ:ZSW5wpCXG1Zw9KFeM0lN

Score
7/10
discoveryvmprotect

Malware Config

Targets

    • Target

      5b9ecb194b7542803a51584de2570271632209b490ff8ec0879c57d89dca303f

    • Size

      3.6MB

    • MD5

      6c269668da3edd97a1f79aa7b80df238

    • SHA1

      5d072cf10f9251a393ffc5b0322d86510215d52b

    • SHA256

      5b9ecb194b7542803a51584de2570271632209b490ff8ec0879c57d89dca303f

    • SHA512

      f527250cb76d408df0aacbe4ec4bc86a08fb097b512953f00d76ed42cab25b89154f546580483f8e251b3270c3392541352313be8ba3bf792cdc40a2a4549f76

    • SSDEEP

      24576:ZNlaW5n274tWa9speDN1pTG05RwbLR1bIJbKkKF/eMNPj2lpJJ:ZSW5wpCXG1Zw9KFeM0lN

    Score
    7/10
    discoveryvmprotect

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks