Overview

overview

8

Static

static

7

72d91c1097...74.exe

windows7-x64

8

72d91c1097...74.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    72d91c1097bbd5add3a340f90a80f22335dbe189a9c46ba62c0f785e974ce874

  • Size

    2.1MB

  • Sample

    241121-ahgdkawpby

  • MD5

    139ac913cd6ac595f6dec94254790157

  • SHA1

    7f4a89f6781072b1b6488c38b71a107fca66db77

  • SHA256

    72d91c1097bbd5add3a340f90a80f22335dbe189a9c46ba62c0f785e974ce874

  • SHA512

    8664266bf89847124ac7a7e2617ad76054ad8fc4528cb6f3997f08243426c7cdc4c800bd9dd58db580357b0a00feb36cd6e7c21ed2905873bfb8d440d32b7af3

  • SSDEEP

    49152:2m5EhIg5yWJojkJBLz6ktns98U5hbx1JJQ:2mWh9yGykJ9Js98ah11Jq

Score
8/10
discoveryvmprotect

Malware Config

Targets

    • Target

      72d91c1097bbd5add3a340f90a80f22335dbe189a9c46ba62c0f785e974ce874

    • Size

      2.1MB

    • MD5

      139ac913cd6ac595f6dec94254790157

    • SHA1

      7f4a89f6781072b1b6488c38b71a107fca66db77

    • SHA256

      72d91c1097bbd5add3a340f90a80f22335dbe189a9c46ba62c0f785e974ce874

    • SHA512

      8664266bf89847124ac7a7e2617ad76054ad8fc4528cb6f3997f08243426c7cdc4c800bd9dd58db580357b0a00feb36cd6e7c21ed2905873bfb8d440d32b7af3

    • SSDEEP

      49152:2m5EhIg5yWJojkJBLz6ktns98U5hbx1JJQ:2mWh9yGykJ9Js98ah11Jq

    Score
    8/10
    discoveryvmprotect

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks