Overview

overview

8

Static

static

8

d0749b3c46...8d.exe

windows7-x64

8

d0749b3c46...8d.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    154s
  • max time network
    181s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/10/2022, 05:46

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d0749b3c461b8885b406bb1cc9c5f39a2b2128ca53a337869db9c53365a2b58d.exe

  • Size

    356KB

  • MD5

    5744d2f543b8c827f1f61c440d3c50d0

  • SHA1

    a1d0cd84cce61c13cd5e1e51e0da2b9697399540

  • SHA256

    d0749b3c461b8885b406bb1cc9c5f39a2b2128ca53a337869db9c53365a2b58d

  • SHA512

    238c76662e37f6c3681011c400d222bfda68025097673bf7b15e16c242e43160d043a7321c3d11b42c02d2cc7bb46471ffe5e16d8ab57ed35c6c173da7fa968e

  • SSDEEP

    6144:2GbusJD0EKiUIyA5cq8Fj8xyPo0Xc/IunWs3F11aU8kg9s2dh6bobbeCjg:2GbrB0EnUPAeFN7oUunn71aVksswe2g

Score
8/10
vmprotect

Malware Config

Signatures

  • VMProtect packed file 4 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect
  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d0749b3c461b8885b406bb1cc9c5f39a2b2128ca53a337869db9c53365a2b58d.exe
    "C:\Users\Admin\AppData\Local\Temp\d0749b3c461b8885b406bb1cc9c5f39a2b2128ca53a337869db9c53365a2b58d.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    PID:796

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/796-132-0x0000000000F50000-0x000000000105F000-memory.dmp

          Filesize

          1.1MB

          Download

        • memory/796-133-0x0000000000F50000-0x000000000105F000-memory.dmp

          Filesize

          1.1MB

          Download

        • memory/796-135-0x0000000000F50000-0x000000000105F000-memory.dmp

          Filesize

          1.1MB

          Download

        • memory/796-136-0x0000000000F50000-0x000000000105F000-memory.dmp

          Filesize

          1.1MB

          Download