GPT vs Malware Analysis: Challenges and Mitigations - Check Point Research
Tags
country: Germany
attack-pattern: Data Direct Model Models Call Log - T1636.002 Code Signing - T1553.002 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Dynamic Api Resolution - T1027.007 Ip Addresses - T1590.005 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Search Engines - T1593.002 Software - T1592.002 Trap - T1546.005 Tool - T1588.002 Vulnerabilities - T1588.006 Code Signing - T1116 Trap - T1154
Show in Graph
Common Information
Type Value
UUID e0c06de6-e165-45e3-94c2-186f6c9fbee9
Fingerprint a604db310d768783
Analysis status DONE
Considered CTI value 2
Text language
Published Nov. 15, 2023, 12:33 p.m.
Added to db Nov. 19, 2023, 9:24 p.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline GPT vs Malware Analysis: Challenges and Mitigations
Title GPT vs Malware Analysis: Challenges and Mitigations - Check Point Research
Detected Hints/Tags/Attributes 116/2/44
Source URLs
Redirection Url
Details Source https://research.checkpoint.com/2023/gpt-vs-malware-analysis-challenges-and-mitigations/
URL Provider
Details Provider Source level domain
Details checkpoint.com research.checkpoint.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 204 Check Point Research https://research.checkpoint.com/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 2 
fp2e7a.wpc.2be4.phicdn.net
Details Domain 1 
prda.aadg.msidentity.com
Details Domain 1 
154.21.82.20.in-addr.arpa
Details Domain 1 
82.250.63.168.in-addr.arpa
Details Domain 4 
crl.thawte.com
Details Domain 4 
ocsp.thawte.com
Details File 10 
apsdaemon.exe
Details File 240 
wmic.exe
Details File 748 
kernel32.dll
Details File 80 
msvcrt.dll
Details File 533 
ntdll.dll
Details File 52 
bcrypt.dll
Details File 291 
user32.dll
Details File 229 
advapi32.dll
Details File 1 
c:\vssadmin.exe
Details File 29 
decrypt.txt
Details File 1 
aadg.msi
Details File 4 
-decrypt.txt
Details File 1 
984.tmp
Details File 1 
9c.tmp
Details File 1 
0_32.exe
Details File 1 
0_32.log
Details File 1 
1056.tmp
Details File 7 
werinternalmetadata.xml
Details File 1 
1068.tmp
Details File 1 
1079.tmp
Details File 1 
10b4.tmp
Details File 1 
1160.tmp
Details File 1 
119f.tmp
Details File 1 
122b.tmp
Details File 1 
12e7.tmp
Details File 1 
1316.tmp
Details File 1 
%samplepath%.exe
Details File 1 
45eb5c9d3f89cb059212e00512ec0e6c47c1bdf12842256ceda5d4f1371bd5.exe
Details sha1 1 
ef74c7e726ee9be45bd2b23544f9cfde61000c8a
Details sha256 1 
fb136c8360d1a5ab80f61109c55c5a788aa1d8796d1e75aca8c1a762b598d3f4
Details sha256 1 
fc45eb5c9d3f89cb059212e00512ec0e6c47c1bdf12842256ceda5d4f1371bd5
Details IPv4 1 
2.7.22.21
Details IPv4 1 
154.21.82.20
Details IPv4 1 
82.250.63.168
Details Windows Registry Key 1 
HKEY_LOCAL_MACHINESettings
Details Windows Registry Key 1 
HKEY_LOCAL_MACHINE6432NodeInc.Application
Details Windows Registry Key 1 
HKEY_LOCAL_MACHINE3a19d3d1
Details Windows Registry Key 1 
HKEY_LOCAL_MACHINE79b42b