Analysis
-
max time kernel
147s -
max time network
248s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
25-11-2022 11:49
General
-
Target
8d38c3911177a34b739925d7e7edd8efe745bc0cfd7f7a28005a4eb844c8b26a.exe
-
Size
1.5MB
-
MD5
c5a74c4c8445e82ede5a1e6aaf49850d
-
SHA1
15751703a9d5e8655cddc7b2e30bcb78b941244e
-
SHA256
8d38c3911177a34b739925d7e7edd8efe745bc0cfd7f7a28005a4eb844c8b26a
-
SHA512
64ed573a9b5b2e4787e4ff6c1d4e3d4a11c3f3f1042043805ad57b5cd5f5fa2c4c99459e7334e3f038a67acf0bf4a3e255a07f9d0eab0195cd91f715ece15a21
-
SSDEEP
24576:zVbAklpXPM1mdIbUmFtircvIwNjLWvME6xpcQwO5aPSj8e+0VuaBNpUVRPGPUbPk:zqkPPImdyUm+eLnbxpzBBE4/8Usy8
Score
8/10
Malware Config
Signatures
-
UPX packed file 4 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
VMProtect packed file 4 IoCs
Detects executables packed with VMProtect commercial packer.
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\8d38c3911177a34b739925d7e7edd8efe745bc0cfd7f7a28005a4eb844c8b26a.exe"C:\Users\Admin\AppData\Local\Temp\8d38c3911177a34b739925d7e7edd8efe745bc0cfd7f7a28005a4eb844c8b26a.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/4688-132-0x0000000000400000-0x00000000007CD000-memory.dmpFilesize
3.8MB
-
memory/4688-133-0x0000000000400000-0x00000000007CD000-memory.dmpFilesize
3.8MB
-
memory/4688-135-0x0000000002490000-0x0000000002502000-memory.dmpFilesize
456KB
-
memory/4688-136-0x0000000002490000-0x0000000002502000-memory.dmpFilesize
456KB
-
memory/4688-137-0x0000000000400000-0x00000000007CD000-memory.dmpFilesize
3.8MB
-
memory/4688-138-0x0000000002490000-0x0000000002502000-memory.dmpFilesize
456KB
-
memory/4688-139-0x0000000000400000-0x00000000007CD000-memory.dmpFilesize
3.8MB
-
memory/4688-140-0x0000000002490000-0x0000000002502000-memory.dmpFilesize
456KB