Overview

overview

8

Static

static

8

9d57f2fc8f...36.exe

windows7-x64

9d57f2fc8f...36.exe

windows10-2004-x64

Analysis

  • max time kernel
    3s
  • max time network
    50s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 16:34

Sharing

Copy URL
Twitter E-mail

Errors

Reason
platform exec: image=C:\Users\Admin\AppData\Local\Temp\9d57f2fc8f766f669163abeb598e29d8642b5b4167d7cbeb5eade05a18dcf836.exe command="C:\Users\Admin\AppData\Local\Temp\9d57f2fc8f766f669163abeb598e29d8642b5b4167d7cbeb5eade05a18dcf836.exe" wdir=C:\Users\Admin\AppData\Local\Temp Payload error: The %1 application cannot be run in Win32 mode.
Report Analysis Logs

General

  • Target

    9d57f2fc8f766f669163abeb598e29d8642b5b4167d7cbeb5eade05a18dcf836.exe

  • Size

    636KB

  • MD5

    537aabec55469207307d29bbac5fb10b

  • SHA1

    742c476d4695ddff6f4dc016711c213cdff6eb64

  • SHA256

    9d57f2fc8f766f669163abeb598e29d8642b5b4167d7cbeb5eade05a18dcf836

  • SHA512

    c04a8334d4f01288c38a09c9c04fddb79128abc675172ef349114593fd0b6a15d39f80bc3529b0350f5ca6046a62dcd089228a0f769cba02836bf9a91022793f

  • SSDEEP

    12288:LG+1UCFYC5xx+fts1PY0BIOuiLRLIhg5eN1BApy6ZrqJ0/5wCE67kC1wEdWau:LtGmxx+IVBIOui1MBUy61d/SakC1wy

Score
8/10
vmprotect

Malware Config

Signatures

  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect

Processes

  • C:\Users\Admin\AppData\Local\Temp\9d57f2fc8f766f669163abeb598e29d8642b5b4167d7cbeb5eade05a18dcf836.exe
    "C:\Users\Admin\AppData\Local\Temp\9d57f2fc8f766f669163abeb598e29d8642b5b4167d7cbeb5eade05a18dcf836.exe"
    1⤵
      PID:2584

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2584-132-0x0000000000010000-0x0000000000141000-memory.dmp
      Filesize

      1.2MB

      Download