f2bce8af8313bd95710966e90e3c5de80728dda7e9b97a26b2e1396e797aef06 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

loader.exe

windows7-x64

7

loader.exe

windows10-2004-x64

7

Sharing

General

Target

loader.exe
Size

11.6MB
Sample

240906-vzshdayenm
MD5

3fb6f7382cd42db4ae7e5d2dceabde54
SHA1

9113821a3227d7c417835c8d437540d7dc25478f
SHA256

f2bce8af8313bd95710966e90e3c5de80728dda7e9b97a26b2e1396e797aef06
SHA512

1e4686f9f02def2147deb748cffb04af01530bbb010e86eeaf79b182538bb4d1a1ce5df28084166138eddda789e788e4f7080b12375f7e390317b31e0429b6a0
SSDEEP

196608:6mu6lFEZs7cq3YvPIrublgpFV16dXL9ygAfWTwTkZDh0SySu42QcGlV:6t6lOZs7Y3yWgpFX6dh1AfNTkZDmXIh

Score

7^/10

vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

loader.exe

Resource

win7-20240903-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

loader.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  loader.exe
- Size
  
  11.6MB
- MD5
  
  3fb6f7382cd42db4ae7e5d2dceabde54
- SHA1
  
  9113821a3227d7c417835c8d437540d7dc25478f
- SHA256
  
  f2bce8af8313bd95710966e90e3c5de80728dda7e9b97a26b2e1396e797aef06
- SHA512
  
  1e4686f9f02def2147deb748cffb04af01530bbb010e86eeaf79b182538bb4d1a1ce5df28084166138eddda789e788e4f7080b12375f7e390317b31e0429b6a0
- SSDEEP
  
  196608:6mu6lFEZs7cq3YvPIrublgpFV16dXL9ygAfWTwTkZDh0SySu42QcGlV:6t6lOZs7Y3yWgpFX6dh1AfNTkZDmXIh
Score

7^/10

vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy