8f6214bd09840f3bfb5d37ef635b9a29d4398ad07eadc48336b55e1162a20147 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

AIO FERR.exe

windows7-x64

7

AIO FERR.exe

windows10-2004-x64

7

Sharing

General

Target

AIO FERR.exe
Size

8.4MB
Sample

240905-2vh7gatcpf
MD5

fe308eda3465edeb238bb5cbf56b529f
SHA1

c990c8809af75d4fe70fdbd418089a18100f704f
SHA256

8f6214bd09840f3bfb5d37ef635b9a29d4398ad07eadc48336b55e1162a20147
SHA512

1596524587366ec75950756de2e22fdc98165973973bef4d214bf6a93c376c06fbedea196d10ba1db7641b10974141e87349dfb6d590a64c5bc8121c8629af98
SSDEEP

196608:su2iM9FbvaJ/WJjx2AwIYsZPm0JlHhekok1:su2iwbvEWJjhwNsF/B0S

Score

7^/10

vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

AIO FERR.exe

Resource

win7-20240704-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

AIO FERR.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  AIO FERR.exe
- Size
  
  8.4MB
- MD5
  
  fe308eda3465edeb238bb5cbf56b529f
- SHA1
  
  c990c8809af75d4fe70fdbd418089a18100f704f
- SHA256
  
  8f6214bd09840f3bfb5d37ef635b9a29d4398ad07eadc48336b55e1162a20147
- SHA512
  
  1596524587366ec75950756de2e22fdc98165973973bef4d214bf6a93c376c06fbedea196d10ba1db7641b10974141e87349dfb6d590a64c5bc8121c8629af98
- SSDEEP
  
  196608:su2iM9FbvaJ/WJjx2AwIYsZPm0JlHhekok1:su2iwbvEWJjhwNsF/B0S
Score

7^/10

vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy