General

  • Target

    c0748eae096974133b67236dbbfc6bc0N

  • Size

    3.7MB

  • Sample

    240909-v3tvlssfqa

  • MD5

    c0748eae096974133b67236dbbfc6bc0

  • SHA1

    8180b392c4bcb418eef32d333d848b9c97dc3258

  • SHA256

    5f88f4cccb5f3a3237e39265d2b3434664620bb85bc078bb3cadcc93ded3630c

  • SHA512

    7258c02d7607453a9f008e2a6c097e082e0ed3fbf9d265b951b585140f58a9e0b425e77d63151543abe3ee9edafa81af0c37eb537655ddfade3cdeb752eb458a

  • SSDEEP

    98304:jamC2MkcH7PJlIXpHKvIeFebLUZ4pv4pn2:4wKPJIpHKveLU+pv4A

Malware Config

Targets

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Executes dropped EXE

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

MITRE ATT&CK Enterprise v15

Tasks