Overview

overview

7

Static

static

3

bb66fc1377...c9.exe

windows7-x64

7

bb66fc1377...c9.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    bb66fc1377482a7fdcb88db60d75511da24dcb680d958fdd9937cb919fe578c9

  • Size

    12.7MB

  • Sample

    240911-r8tj9axapf

  • MD5

    e8ddb9c25f0cd6d9fa94ec5b57c3c0f1

  • SHA1

    931d5421019e7850d2807af37d657550d840d86a

  • SHA256

    bb66fc1377482a7fdcb88db60d75511da24dcb680d958fdd9937cb919fe578c9

  • SHA512

    88c7fc571e96e46dc8a6ba157c7080b28ca31675099a3406d24dcde7f52a988e16d9b8df20e8273ba219521e1db865285b9b63daf60ba084dfee4861341fab6e

  • SSDEEP

    196608:vXto1bCsgNvDTo+DN3SZdmbuJ1BQNpNWveYQb0ZsL+qCOtYBoaCcFBmPfHpuB:PRNLTLN3SZ8buJwY2YdsNCOzadBm5U

Score
7/10
discoveryvmprotect

Malware Config

Targets

    • Target

      bb66fc1377482a7fdcb88db60d75511da24dcb680d958fdd9937cb919fe578c9

    • Size

      12.7MB

    • MD5

      e8ddb9c25f0cd6d9fa94ec5b57c3c0f1

    • SHA1

      931d5421019e7850d2807af37d657550d840d86a

    • SHA256

      bb66fc1377482a7fdcb88db60d75511da24dcb680d958fdd9937cb919fe578c9

    • SHA512

      88c7fc571e96e46dc8a6ba157c7080b28ca31675099a3406d24dcde7f52a988e16d9b8df20e8273ba219521e1db865285b9b63daf60ba084dfee4861341fab6e

    • SSDEEP

      196608:vXto1bCsgNvDTo+DN3SZdmbuJ1BQNpNWveYQb0ZsL+qCOtYBoaCcFBmPfHpuB:PRNLTLN3SZ8buJwY2YdsNCOzadBm5U

    Score
    7/10
    discoveryvmprotect

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks