General

  • Target

    AppNee.com.VMProtect.Ultimate.v3.5.0.Portable.FR.7z

  • Size

    36.7MB

  • Sample

    241107-napa4atmgr

  • MD5

    e8561154c40b9887e6c5797cbbba89f7

  • SHA1

    2c5aa8c23c88bd3cbcabad92ccfda2797066267a

  • SHA256

    10c6a94f392eaa27761cb867ab9d1823b9587fc828c748649b044a133b9b4ff1

  • SHA512

    4d23ec2d74eb4f5e5116536fe02b6d397791869552ce0a3a08de4e0abc099aecaebbd8a590cfe7b15ee1834938b70a2fe0373e91fdb0579de5ca48a1c93060c2

  • SSDEEP

    786432:wMst8oeuik+PIP5kU0hHpvmudjVdkqtI3NLIE91Z:wjt8oenk+AX0b+ItSLvj

Targets

    • Target

      VMProtect Ultimate/Example/Code Markers/BCB/VMProtectSDK32.dll

    • Size

      98KB

    • MD5

      29e0b67635a30d87d929bc1614eff68f

    • SHA1

      180a56d7fb6473ae8449fea7f2e6f105e9e5bb0b

    • SHA256

      b2dd017dd8bf60e5a439a202af9e4dbd8a4bf57d72e6dc7528484c6f34eadc8e

    • SHA512

      68a8266a1a6f2b270e9dff6b553fff4f7557ed05496aa8007b29a3bacfcf9d4228175a34460ceb43a797e8e7f44d7b33088c67fd835e3e56c64e92868ef27c49

    • SSDEEP

      1536:ET33kLmdI52QC2mCYKw2cr2RhXbZ9qu/nDw2a1+YRroJQusWMIcdwX0YXowGF:0hQC2mCYK3RhrZ9dPk2Q9yMJwX0YRG

    • Score

      3/10

    • Target

      VMProtect Ultimate/Example/Code Markers/Delphi/Project1.exe

    • Size

      887KB

    • MD5

      fcdd67939f856f8bcfc404bb5f706ec7

    • SHA1

      758d14e6d838e12d2c1e52f65594a91dbe744f4b

    • SHA256

      a14c1e75ce36821ecd80e4525c888c9d58e80a23a8a5f6ebe9923f6a33d93e7d

    • SHA512

      18be594c08513e005840d9af00174edb021fda635e5331528310f72fcfce20938edef99965ccf0039ec0283500239642bb6ff6809ef797c79f6c4c5ba1a6aff2

    • SSDEEP

      24576:FiRfWQHP2VPwHgzDe/EMdwBmSPk96vBL/5YSnrnS:AWHPISVZ9YSrnS

    • Score

      3/10

    • Target

      VMProtect Ultimate/Example/Code Markers/Delphi/VMProtectSDK32.dll

    • Size

      98KB

    • MD5

      29e0b67635a30d87d929bc1614eff68f

    • SHA1

      180a56d7fb6473ae8449fea7f2e6f105e9e5bb0b

    • SHA256

      b2dd017dd8bf60e5a439a202af9e4dbd8a4bf57d72e6dc7528484c6f34eadc8e

    • SHA512

      68a8266a1a6f2b270e9dff6b553fff4f7557ed05496aa8007b29a3bacfcf9d4228175a34460ceb43a797e8e7f44d7b33088c67fd835e3e56c64e92868ef27c49

    • SSDEEP

      1536:ET33kLmdI52QC2mCYKw2cr2RhXbZ9qu/nDw2a1+YRroJQusWMIcdwX0YXowGF:0hQC2mCYK3RhrZ9dPk2Q9yMJwX0YRG

    • Score

      3/10

    • Target

      VMProtect Ultimate/Example/Code Markers/Free Pascal/Project1

    • Size

      355KB

    • MD5

      0f748d65e665cb249408a25694f1c016

    • SHA1

      c31e8b9ef31986ccc0ea19abf337d3fe7b82f479

    • SHA256

      d1951f724d2aa423bb2c29eae92069b676b33a7d0e9d371a45e1d942c4a28a8d

    • SHA512

      2da9405d516aee9a9bdd8372013ad4b1dbc4f7b031703673b684e97194f4a1e1c5afa1c2bb84e5c339f839dd4ad71caaa60604742908d1ae74f729f1b5d5736b

    • SSDEEP

      6144:oRy5S3+kZrUHMNsP96a2FAtzojOGV2Spqjj/Ig7t/H9WIBR8PEZIPCJRK:oRy5S9ZrUHMNY9sFAtcaG8jV5/RBR8PP

    • Score

      1/10

    • Target

      VMProtect Ultimate/Example/Code Markers/Free Pascal/Project1.exe

    • Size

      77KB

    • MD5

      e524da8fbf47a18fbae7ba94943eb451

    • SHA1

      3aae8e31b4f7f14cd607b48291546d1a3233aff2

    • SHA256

      afda096738c0646e01a2b3d2c000fe48b80376ce8464be660764ed2004ba5de3

    • SHA512

      c0641d9f1a1778095bfbd6463bc35caeaa3d3bb7cc4350d3853b40c7d72ef13e969ec4627319e25d05bf22cc83443010b45153721118261ba2b3c12634e078f4

    • SSDEEP

      768:aivdTUc6NCnV/mfVKo6fuTy005j5y29zwB8p5UzNve9a+ZxeN/X3GRsYjY2zgy0p:JnwfH0uGV5MNy0l/vv

    • Score

      3/10

    • Target

      VMProtect Ultimate/Example/Code Markers/Free Pascal/VMProtectSDK32.dll

    • Size

      98KB

    • MD5

      29e0b67635a30d87d929bc1614eff68f

    • SHA1

      180a56d7fb6473ae8449fea7f2e6f105e9e5bb0b

    • SHA256

      b2dd017dd8bf60e5a439a202af9e4dbd8a4bf57d72e6dc7528484c6f34eadc8e

    • SHA512

      68a8266a1a6f2b270e9dff6b553fff4f7557ed05496aa8007b29a3bacfcf9d4228175a34460ceb43a797e8e7f44d7b33088c67fd835e3e56c64e92868ef27c49

    • SSDEEP

      1536:ET33kLmdI52QC2mCYKw2cr2RhXbZ9qu/nDw2a1+YRroJQusWMIcdwX0YXowGF:0hQC2mCYK3RhrZ9dPk2Q9yMJwX0YRG

    • Score

      3/10

    • Target

      VMProtect Ultimate/Example/Code Markers/Free Pascal/libVMProtectSDK.dylib

    • Size

      49KB

    • MD5

      7352f43192be5adfac2287679147a306

    • SHA1

      dc8b86fe47ebaccadb99665d6e038cedb84a722d

    • SHA256

      42a1f34f87ee3f435a97dee1aefd1a9576bdc5fc8186ff3f1530a8cfa29655ec

    • SHA512

      70ecef06738ecabbfd0ca49ab75c0da26fea6859171e9f1c858c1bd4fb6c53d16fffab70d568de9b2787f08f6a9726de68868aa6ae5bdc159db10c3cb2b7effe

    • SSDEEP

      768:JYsIlAGwZIxl19U1I+8Qi0RWOdQL8r+3INQwVldkFYuMAykBGSZtQ1:+sEw20+Wx

    • Score

      1/10

    • Target

      VMProtect Ultimate/Example/Code Markers/Free Pascal/makeit.bat

    • Size

      104B

    • MD5

      7c59610d2f4611980913211ad36375af

    • SHA1

      ca86a95bf4bf72407f6ab2a15933402a451036c6

    • SHA256

      2062ace492beeb520c23bc3617c66af0b3b822ad3c6c1baf4e6883ad0a7f879f

    • SHA512

      c41a265d9713807c3a1abe1d9c7b66de70d27ed847b7cd5e3d1eb1edb972b3d3bfc47f9f570db15864db55ad315a5bc60b1c599a69289a70c7368cf4e7a813bc

    • Score

      1/10

    • Target

      VMProtect Ultimate/Example/Code Markers/Free Pascal/makeit.sh

    • Size

      70B

    • MD5

      49f4fda335793090271c10668c2da780

    • SHA1

      e851f9b0d4bf6bbc5a8269cbe6d99938fbc271b7

    • SHA256

      1fb56c36d9d46a8cdad55d79839b9ac59a86d15df518800208957afb8a51efe4

    • SHA512

      29e5ef7618375c8284ca217642b9ede6d57a273882fcacefa39104603778124512ee8e82220326db5fb00ae614f07ed20549bbaca9019d271dfde28172d11243

    • Score

      3/10

    • Target

      VMProtect Ultimate/Example/Code Markers/GCC/Project1

    • Size

      8KB

    • MD5

      d9a7d8095dc2e48c9827a498debb9d9a

    • SHA1

      ee7931c457468adb3cafd8f31b70753ff217174e

    • SHA256

      6bd7626d74b11df5a7b7b49b1a7a08ebe6f21b870c4493d50d53eba8036b879e

    • SHA512

      2ec7468348f93c93a859bef5188e32377644c2fe411d5feea260f9c44590545935c1728e263bc1c06a2ed8457951bb03f1d7e3a40103d73be0585b3437f94b68

    • SSDEEP

      48:xH35L/ifdnpgS4zgFjf1j7hQvTc1IkjaFET:xH3M0kFjff1njaq

    • Score

      1/10

    • Target

      VMProtect Ultimate/Example/Code Markers/GCC/libVMProtectSDK.dylib

    • Size

      49KB

    • MD5

      7352f43192be5adfac2287679147a306

    • SHA1

      dc8b86fe47ebaccadb99665d6e038cedb84a722d

    • SHA256

      42a1f34f87ee3f435a97dee1aefd1a9576bdc5fc8186ff3f1530a8cfa29655ec

    • SHA512

      70ecef06738ecabbfd0ca49ab75c0da26fea6859171e9f1c858c1bd4fb6c53d16fffab70d568de9b2787f08f6a9726de68868aa6ae5bdc159db10c3cb2b7effe

    • SSDEEP

      768:JYsIlAGwZIxl19U1I+8Qi0RWOdQL8r+3INQwVldkFYuMAykBGSZtQ1:+sEw20+Wx

    • Score

      1/10

    • Target

      VMProtect Ultimate/Example/Code Markers/GCC/makeit.sh

    • Size

      419B

    • MD5

      f6a42f92cb10385709844a3cc9a03e65

    • SHA1

      c3f626c5252457fcfffa93d82583a41bb9924a68

    • SHA256

      8e19ce0f8d045ca709ac029631bd913c02ad5b3e95d9d792cd6d18a88eb4a0d2

    • SHA512

      7dfca41b6ed04b63219c73ae947867dc90c8935b8ae82018ba12275367644130ea4a07aa0c7b285fee0530554656dd43407f5c8a35a937897ae233a4470c6665

    • Score

      3/10

    • Target

      VMProtect Ultimate/Example/Code Markers/MASM/Project1.exe

    • Size

      3KB

    • MD5

      a3741eebfb4ee6623dd3ea2561f6ac3b

    • SHA1

      2507c8fdfd7024aec855e40dfc7b3d01afbb9568

    • SHA256

      7e90ae83789d2a44ec9c5ee5b38586e5898dcbfefb0e754af6fd0720eea21dde

    • SHA512

      495d138ea41b198ca1518fedccbde57d6748df511bd4230188cce4d5a81d415fe20298dfac837dcce54ba3f7f61f0244e8d09a856fcfc12f51a3c6fb0e34bd07

    • Score

      3/10

    • Target

      VMProtect Ultimate/Example/Code Markers/MASM/VMProtectSDK32.dll

    • Size

      98KB

    • MD5

      29e0b67635a30d87d929bc1614eff68f

    • SHA1

      180a56d7fb6473ae8449fea7f2e6f105e9e5bb0b

    • SHA256

      b2dd017dd8bf60e5a439a202af9e4dbd8a4bf57d72e6dc7528484c6f34eadc8e

    • SHA512

      68a8266a1a6f2b270e9dff6b553fff4f7557ed05496aa8007b29a3bacfcf9d4228175a34460ceb43a797e8e7f44d7b33088c67fd835e3e56c64e92868ef27c49

    • SSDEEP

      1536:ET33kLmdI52QC2mCYKw2cr2RhXbZ9qu/nDw2a1+YRroJQusWMIcdwX0YXowGF:0hQC2mCYK3RhrZ9dPk2Q9yMJwX0YRG

    • Score

      3/10

    • Target

      VMProtect Ultimate/Example/Code Markers/MASM/VMProtectSDK64.dll

    • Size

      116KB

    • MD5

      ba5cf8079fa68d90a2e6497d3c5711c1

    • SHA1

      66b3c641ccd9a04ebf35ea868548bf58de295a11

    • SHA256

      ae22254e2b5c5557f35a170696d53e847018221dcd4cc70c153c36ecdd891f81

    • SHA512

      8537604678bed001aca037d94c80d8d1dd3da3d5bf806fa687f44a093cb07a316dcef084b572b4fd9b3cd2d93fedc7db66a817b27f395a772f3b844509c30156

    • SSDEEP

      3072:cmcqYHq7Aiytzg2ScpvgJcG5sqYX6UJHslBS:l0Hq7AiyegZgJZSXhMH

    • Score

      1/10

    • Target

      VMProtect Ultimate/Example/Code Markers/MASM/makeit.bat

    • Size

      1KB

    • MD5

      af26b0b102187a1d8e57e5f65ad6286e

    • SHA1

      40ccf43c0a7589e4d9c263cdf8952779ad77a4b5

    • SHA256

      655f241e2cfa322de729c415b5c9c23103b240fdc51787155bf68f1dce39b3ce

    • SHA512

      66d67b277942995ad9d6397590191519412a47e6e16db5f3bf88c9b280f03febe762af19c5f02cf392d4b07e006eb5a946f25d6d4801e6d82475a4b5fe488bd9

    • Score

      1/10

Tasks

    Task            Score   Tags
    static1         5/10    upx
    behavioral1     3/10    discovery
    behavioral2     3/10    discovery
    behavioral3     3/10    discovery
    behavioral4     3/10    discovery
    behavioral5     3/10    discovery
    behavioral6     3/10    discovery
    behavioral7     1/10
    behavioral8     3/10    discovery
    behavioral9     3/10    discovery
    behavioral10    3/10    discovery
    behavioral11    3/10    discovery
    behavioral12    1/10
    behavioral13    1/10
    behavioral14    1/10
    behavioral15    3/10    discovery
    behavioral16    3/10    discovery
    behavioral17    3/10    discovery
    behavioral18    3/10    discovery
    behavioral19    1/10
    behavioral20    1/10
    behavioral21    3/10
    behavioral22    1/10
    behavioral23    1/10
    behavioral24    1/10
    behavioral25    3/10    discovery
    behavioral26    3/10    discovery
    behavioral27    3/10    discovery
    behavioral28    3/10    discovery
    behavioral29    1/10
    behavioral30    1/10
    behavioral31    1/10
    behavioral32    1/10