Analysis

  • max time kernel
    1578s
  • max time network
    1578s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    07-04-2021 20:05

General

  • Target

    Empire.earth.3.pre.order.crack.by.ViKiNG.exe

  • Size

    5.3MB

  • MD5

    fef86776cd97277ffe77fbb8d0436aa6

  • SHA1

    185625b595f070d32247e791619ae531cf8c3087

  • SHA256

    637689fbd651eaa00e9f7be5c3d1718f2cc250f430dc4dfa20ec4e265d211dc7

  • SHA512

    7299ef847fefa6c780291869930b06293ec86dba0e4a6f7ab8dd0948d059a99fd30d1594772299f7fa92796dcf7efbd48164b5738cf761c02974ed2612e91d78

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Empire.earth.3.pre.order.crack.by.ViKiNG.exe
    "C:\Users\Admin\AppData\Local\Temp\Empire.earth.3.pre.order.crack.by.ViKiNG.exe"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    PID:1616

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1616-2-0x00000000765A1000-0x00000000765A3000-memory.dmp
    Filesize

    8KB