3d2765abb33c79858adaedae5034d40077bb0b44cd2ecf5b19dde1c14f2fe331 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

QQ餐厅�....8.exe

windows7-x64

7

QQ餐厅�....8.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

fab4c4b1d9c0fe7b0b2785808a3e00f8_JaffaCakes118
Size

535KB
Sample

240927-td1q7azepk
MD5

fab4c4b1d9c0fe7b0b2785808a3e00f8
SHA1

afecad4fd8034af4e0e5d4405cc496589bea1eee
SHA256

3d2765abb33c79858adaedae5034d40077bb0b44cd2ecf5b19dde1c14f2fe331
SHA512

59f19b98a31122d126d92e333a8a6c42dcc7bad41dff794855830dc1c9ec88306f52ce74ac035694a403b15fc761aac3f6f0cac0af56fd9f572fd4ed323ba5be
SSDEEP

12288:/nTmriFM9x9Au3DIXRiTLJCuNo2qn193pvj:7m+69pIXRyClnHpvj

Score

7^/10

discovery vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

QQ餐厅小分队1.3.8/QQ餐厅小分队1.3.8.exe

Resource

win7-20240903-en

discovery vmprotect

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

QQ餐厅小分队1.3.8/QQ餐厅小分队1.3.8.exe

Resource

win10v2004-20240802-en

discovery vmprotect

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  QQ餐厅小分队1.3.8/QQ餐厅小分队1.3.8.exe
- Size
  
  502KB
- MD5
  
  1df865dd0f2685db18b4c0aba913a649
- SHA1
  
  7c011dac5d56a358c516e9319b96d2a448904b5d
- SHA256
  
  d68c3f02421555acdb3f3dfa82810e5580550b88f56e34f07a9bedd3054c6369
- SHA512
  
  6e74a54f25ca4ee33ce9b65b7c2c6012cc4197f263101439741b9bd398c97cb51a24504d204fd07b7d3b91fece5ff395edaebed78c124a5f3c95165bee37e7e9
- SSDEEP
  
  6144:BtIocVrDwh+6cbGMWdGvv/zkWIQWoL9QR5zUmPgG1kVAs9l3w3DFodzyX0oESv00:zIHDscF/IzRysUEgG2fHOFZXW00g7ffL
Score

7^/10

discovery vmprotect
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryvmprotect

behavioral2

discoveryvmprotect

© 2018-2025

Terms | Privacy