cerber | c83954ab01cc2d5ad6a91325fda5c3758769044143275690685d53b87c7bb588 | Triage

Submit
Reports

Overview

overview

Static

static

7

Perm Loader.vmp.exe

windows10-ltsc 2021-x64

Sharing

General

Target

Perm Loader.vmp.exe
Size

5.7MB
Sample

241219-2qr9ksskf1
MD5

50c87f75cb5583c0456b582ec37fba1e
SHA1

3c8625a583a3e7fd1f668150a5072b477182a4f1
SHA256

c83954ab01cc2d5ad6a91325fda5c3758769044143275690685d53b87c7bb588
SHA512

28211a4a90a335ca016f2b74e9f18dc4ca49f6c3c205f5ee4d7ef229220f576083284b8cd47888ccd20b24e378ecbdecd7eeffb2e172363e5aa9f6bfd1c99841
SSDEEP

98304:NP5gmktJUfGLCwRcIoMPPqpnNUjhfKwXV1b27OMvTUDsiBribTsOyCT+eiFZ:Nxgm4qf18PqpN4Kwq79TUDsii0OpiFZ

Score

10^/10

cerber ransomware vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Perm Loader.vmp.exe

Resource

win10ltsc2021-20241211-en

cerber ransomware vmprotect

windows10-ltsc 2021-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  Perm Loader.vmp.exe
- Size
  
  5.7MB
- MD5
  
  50c87f75cb5583c0456b582ec37fba1e
- SHA1
  
  3c8625a583a3e7fd1f668150a5072b477182a4f1
- SHA256
  
  c83954ab01cc2d5ad6a91325fda5c3758769044143275690685d53b87c7bb588
- SHA512
  
  28211a4a90a335ca016f2b74e9f18dc4ca49f6c3c205f5ee4d7ef229220f576083284b8cd47888ccd20b24e378ecbdecd7eeffb2e172363e5aa9f6bfd1c99841
- SSDEEP
  
  98304:NP5gmktJUfGLCwRcIoMPPqpnNUjhfKwXV1b27OMvTUDsiBribTsOyCT+eiFZ:Nxgm4qf18PqpN4Kwq79TUDsii0OpiFZ
Score

10^/10

cerber ransomware vmprotect
- Cerber
  Cerber is a widely used ransomware-as-a-service (RaaS), first seen in 2017.
  ransomware cerber
- Cerber family
  cerber
- Executes dropped EXE
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cerberransomwarevmprotect

© 2018-2024

Terms | Privacy