Analysis
-
max time kernel
1578s -
max time network
1578s -
platform
windows7_x64 -
resource
win7v20201028 -
submitted
07-04-2021 20:05
Static task
static1
Behavioral task
behavioral1
Sample
Empire.earth.3.pre.order.crack.by.ViKiNG.exe
Resource
win10v20201028
Behavioral task
behavioral2
Sample
Empire.earth.3.pre.order.crack.by.ViKiNG.exe
Resource
win10v20201028
Behavioral task
behavioral3
Sample
Empire.earth.3.pre.order.crack.by.ViKiNG.exe
Resource
win10v20201028
Behavioral task
behavioral4
Sample
Empire.earth.3.pre.order.crack.by.ViKiNG.exe
Resource
win10v20201028
Behavioral task
behavioral5
Sample
Empire.earth.3.pre.order.crack.by.ViKiNG.exe
Resource
win7v20201028
General
-
Target
Empire.earth.3.pre.order.crack.by.ViKiNG.exe
-
Size
5.3MB
-
MD5
fef86776cd97277ffe77fbb8d0436aa6
-
SHA1
185625b595f070d32247e791619ae531cf8c3087
-
SHA256
637689fbd651eaa00e9f7be5c3d1718f2cc250f430dc4dfa20ec4e265d211dc7
-
SHA512
7299ef847fefa6c780291869930b06293ec86dba0e4a6f7ab8dd0948d059a99fd30d1594772299f7fa92796dcf7efbd48164b5738cf761c02974ed2612e91d78
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
Empire.earth.3.pre.order.crack.by.ViKiNG.exepid process 1616 Empire.earth.3.pre.order.crack.by.ViKiNG.exe
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1616-2-0x00000000765A1000-0x00000000765A3000-memory.dmpFilesize
8KB