Analysis

  • max time kernel
    163s
  • max time network
    184s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    25-11-2022 11:49

General

  • Target

    0b80728481091c7e2848a3cdbe66bc3d054f7072a470cc6b062eb13cb93b52f9.exe

  • Size

    1.2MB

  • MD5

    78e47e29df52e69b65aefcc9486a20b8

  • SHA1

    50a4128a5405eefccc0111107e2f03b16398fd3d

  • SHA256

    0b80728481091c7e2848a3cdbe66bc3d054f7072a470cc6b062eb13cb93b52f9

  • SHA512

    4ee4b32621480cd503289fec92011071438e23599ff21c70d465a6ae543044cdb6b8ec0f94f82b067469707b282bdf665f72107e0c3f3032429ae8343897be9a

  • SSDEEP

    24576:yM8ikmFfnF/DXjxFeaEghm8VOi7XJ0siojF5N:yFWF7XKlsM+Z065

Score
8/10

Malware Config

Signatures

  • VMProtect packed file 4 IoCs

    Detects executables packed with VMProtect commercial packer.

  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0b80728481091c7e2848a3cdbe66bc3d054f7072a470cc6b062eb13cb93b52f9.exe
    "C:\Users\Admin\AppData\Local\Temp\0b80728481091c7e2848a3cdbe66bc3d054f7072a470cc6b062eb13cb93b52f9.exe"
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetWindowsHookEx
    PID:3300

Network

MITRE ATT&CK Matrix

Downloads

  • memory/3300-132-0x0000000000400000-0x0000000000545000-memory.dmp
    Filesize

    1.3MB

  • memory/3300-133-0x0000000000400000-0x0000000000545000-memory.dmp
    Filesize

    1.3MB

  • memory/3300-134-0x0000000000400000-0x0000000000545000-memory.dmp
    Filesize

    1.3MB

  • memory/3300-135-0x0000000000400000-0x0000000000545000-memory.dmp
    Filesize

    1.3MB