Overview

overview

8

Static

static

8

6df9ff844c...e2.exe

windows7-x64

6df9ff844c...e2.exe

windows10-2004-x64

Analysis

  • max time kernel
    36s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    06-11-2022 05:17

Sharing

Copy URL
Twitter E-mail

Errors

Reason
platform exec: image=C:\Users\Admin\AppData\Local\Temp\6df9ff844c1c1c2c03f1cda42fd7a677882b45666076bd6db2577883a424b6e2.exe command="C:\Users\Admin\AppData\Local\Temp\6df9ff844c1c1c2c03f1cda42fd7a677882b45666076bd6db2577883a424b6e2.exe" wdir=C:\Users\Admin\AppData\Local\Temp Payload error: The %1 application cannot be run in Win32 mode.
Report Analysis Logs

General

  • Target

    6df9ff844c1c1c2c03f1cda42fd7a677882b45666076bd6db2577883a424b6e2.exe

  • Size

    67KB

  • MD5

    20940c8d535fab5ce4c48c8bd021bdb0

  • SHA1

    b07918e5570f1075d5088e23b804786432e9fe42

  • SHA256

    6df9ff844c1c1c2c03f1cda42fd7a677882b45666076bd6db2577883a424b6e2

  • SHA512

    aaf19ea11cc9183d923d80ebbe1193c64d9f5cf10a1bac824f3dc7b3d723207a08e43d25df35ddaac9e1b146c3d2038d55902b798a1e50046e1cbecfc261ae2f

  • SSDEEP

    1536:AqM2F87Jm2bBsv1y7e/ZjywfN4dKYdaCxpsyxpJZWYNQbObu6dgVnh:8QEBfS/VlCLRxp55QbIdg5h

Score
8/10
vmprotect

Malware Config

Signatures

  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect

Processes

  • C:\Users\Admin\AppData\Local\Temp\6df9ff844c1c1c2c03f1cda42fd7a677882b45666076bd6db2577883a424b6e2.exe
    "C:\Users\Admin\AppData\Local\Temp\6df9ff844c1c1c2c03f1cda42fd7a677882b45666076bd6db2577883a424b6e2.exe"
    1⤵
      PID:1008

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1008-54-0x0000000000010000-0x0000000000020E80-memory.dmp

      Filesize

      67KB

      Download