9b9aa5008b965f04b296fd8847c5c2448fa0edf988bb26cacde454fc5ca0ccfc | Triage

Submit
Reports

Overview

overview

8

Static

static

7

9b9aa5008b...fc.exe

windows7-x64

8

9b9aa5008b...fc.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

9b9aa5008b965f04b296fd8847c5c2448fa0edf988bb26cacde454fc5ca0ccfc
Size

373KB
Sample

240913-yryafawbqr
MD5

80533c26ecfa1f6bec0e84b21fd45350
SHA1

ef47a5af18fbafad032628de2e32305a5ed92d43
SHA256

9b9aa5008b965f04b296fd8847c5c2448fa0edf988bb26cacde454fc5ca0ccfc
SHA512

c614ee8236a718fb6f2384be8221d208d4a01776ccf7de4e2201baf2b5f36544d8452872a828f7d999fc2d9455131bb5437cbc0e52dcea42cab2cf70f21174e4
SSDEEP

6144:1lIJoC+QoPipyIvVR6lb6hrrL/OHIRAg5lZbYcU2tzIX663Bg+5Tkb1z8IM65IDW:1KJoC+XipyIvLOmrrL6IRAEPbZUAIX6+

Score

8^/10

aspackv2 discovery vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

9b9aa5008b965f04b296fd8847c5c2448fa0edf988bb26cacde454fc5ca0ccfc.exe

Resource

win7-20240903-en

discovery vmprotect

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

9b9aa5008b965f04b296fd8847c5c2448fa0edf988bb26cacde454fc5ca0ccfc.exe

Resource

win10v2004-20240802-en

discovery vmprotect

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  9b9aa5008b965f04b296fd8847c5c2448fa0edf988bb26cacde454fc5ca0ccfc
- Size
  
  373KB
- MD5
  
  80533c26ecfa1f6bec0e84b21fd45350
- SHA1
  
  ef47a5af18fbafad032628de2e32305a5ed92d43
- SHA256
  
  9b9aa5008b965f04b296fd8847c5c2448fa0edf988bb26cacde454fc5ca0ccfc
- SHA512
  
  c614ee8236a718fb6f2384be8221d208d4a01776ccf7de4e2201baf2b5f36544d8452872a828f7d999fc2d9455131bb5437cbc0e52dcea42cab2cf70f21174e4
- SSDEEP
  
  6144:1lIJoC+QoPipyIvVR6lb6hrrL/OHIRAg5lZbYcU2tzIX663Bg+5Tkb1z8IM65IDW:1KJoC+XipyIvLOmrrL6IRAEPbZUAIX6+
Score

8^/10

discovery vmprotect
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryvmprotect

behavioral2

discoveryvmprotect

© 2018-2025

Terms | Privacy