Overview

overview

8

Static

static

8

c1154fc7d4...7a.exe

windows7_x64

8

c1154fc7d4...7a.exe

windows10_x64

8

Analysis

  • max time kernel
    10s
  • max time network
    13s
  • platform
    windows7_x64
  • resource
    win7v20210410
  • submitted
    13-05-2021 12:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c1154fc7d480240c69b461865671120359e2e27a937a3882811320147baa637a.exe

  • Size

    3.5MB

  • MD5

    080060e776bcccfd318a482bfcd5e687

  • SHA1

    7121799d42e687fea9fb48212b39a58a3dd8f0fe

  • SHA256

    c1154fc7d480240c69b461865671120359e2e27a937a3882811320147baa637a

  • SHA512

    265fe161538bcb1f71c3ac753bac0e65efad6039682bd29023d5c87ed1e6011845bfc7b2e88394e75ce85a0225dd946144d78889cd54fd89be6a3fc966ef7df2

Score
8/10
vmprotect

Malware Config

Signatures

  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect
  • Drops file in Windows directory 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 12 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c1154fc7d480240c69b461865671120359e2e27a937a3882811320147baa637a.exe
    "C:\Users\Admin\AppData\Local\Temp\c1154fc7d480240c69b461865671120359e2e27a937a3882811320147baa637a.exe"
    1⤵
    • Drops file in Windows directory
    • Suspicious behavior: EnumeratesProcesses
    PID:752

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/752-60-0x0000000076661000-0x0000000076663000-memory.dmp
    Filesize

    8KB

    Download
  • memory/752-61-0x0000000000FE0000-0x0000000001809000-memory.dmp
    Filesize

    8.2MB

    Download