Analysis
-
max time kernel
149s -
max time network
156s -
platform
windows7_x64 -
resource
win7-20220901-en -
resource tags
arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system -
submitted
03-10-2022 22:34
Behavioral task
behavioral1
Sample
bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe
Resource
win7-20220901-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe
Resource
win10v2004-20220812-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe
-
Size
83KB
-
MD5
2bfaf21335e150c319183b2e62abd720
-
SHA1
4f95f5710d74c5063995d44a17cc413dfa75b16a
-
SHA256
bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592
-
SHA512
e7d71d4ab0c528f2f40ccf4c4bb1a8d3daec230e5d13bd54e3dedaaf909b81825349c22637f7335d609d68c1194b637e6cc0cb0299bb33535d78631455e9004f
-
SSDEEP
1536:61BsQfVw75jfBrL28z5/fJ+RiDsWakvj1nrd:AaVjfBrLb/RkWsAxp
Score
8/10
Malware Config
Signatures
-
resource yara_rule behavioral1/memory/1672-55-0x0000000001230000-0x0000000001251000-memory.dmp vmprotect -
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid Process 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe 1672 bf1c38418afe2eb8f3c1986dd59004d6aa5f62762caf998f2ef92923f7adc592.exe