Overview

overview

8

Static

static

8

(...ng.dll

windows7-x64

1

(...ng.dll

windows10-2004-x64

1

(...ng.dll

windows7-x64

1

(...ng.dll

windows10-2004-x64

1

(...ng.dll

windows7-x64

1

(...ng.dll

windows10-2004-x64

1

(...ng.dll

windows7-x64

1

(...ng.dll

windows10-2004-x64

1

FileOpenSH.dll

windows7-x64

1

FileOpenSH.dll

windows10-2004-x64

3

GetPcInfo.exe

windows7-x64

1

GetPcInfo.exe

windows10-2004-x64

1

Index_dll.dll

windows7-x64

3

Index_dll.dll

windows10-2004-x64

3

K3ICWorkFlow.dll

windows7-x64

1

K3ICWorkFlow.dll

windows10-2004-x64

1

KmInst32.exe

windows7-x64

1

KmInst32.exe

windows10-2004-x64

1

KmSetKX32.exe

windows7-x64

1

KmSetKX32.exe

windows10-2004-x64

1

Netviewer....es.dll

windows7-x64

1

Netviewer....es.dll

windows10-2004-x64

1

PFXRsaCertDown.dll

windows7-x64

1

PFXRsaCertDown.dll

windows10-2004-x64

1

Pdfcore.exe

windows7-x64

1

Pdfcore.exe

windows10-2004-x64

3

SafeDogGua...er.exe

windows7-x64

8

SafeDogGua...er.exe

windows10-2004-x64

8

SafeDogNetDrv08.exe

windows7-x64

SafeDogNetDrv08.exe

windows10-2004-x64

hpmcro32.dll

windows7-x64

1

hpmcro32.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    183s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08-09-2022 05:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SafeDogGuardCenter.exe

  • Size

    1021KB

  • MD5

    ab86e7053c42a6410f0d05a14dfa595b

  • SHA1

    0f829850c141bc9dc246784ba7c60751b7637325

  • SHA256

    a39bc15fb5a82a9a922a16d4ed9008dfb3ca842504b45c0bf42be468f357ed2d

  • SHA512

    fa02316c03a0fdddc59c41c55628a1e2b2e737ba1000ed3aff7f41f0070fab8cbe4467fa6395618db631bd28933aa1bdf8fd3e4690a996c9fc6f607bff333c1d

  • SSDEEP

    24576:t3tKn1czU+PITxnHnkht57ECVjSxWG8P+v8YzWSP:t3TU+PSxHkl7EW8q+kYl

Score
8/10
vmprotect

Malware Config

Signatures

  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect

Processes

  • C:\Users\Admin\AppData\Local\Temp\SafeDogGuardCenter.exe
    "C:\Users\Admin\AppData\Local\Temp\SafeDogGuardCenter.exe"
    1⤵
      PID:2932

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2932-132-0x0000000000400000-0x0000000000661000-memory.dmp

      Filesize

      2.4MB

      Download