Analysis
-
max time kernel
162s -
max time network
34s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system -
submitted
26-11-2022 06:06
Behavioral task
behavioral1
Sample
˵.exe
Resource
win7-20221111-en
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
˵.exe
Resource
win10v2004-20220901-en
3 signatures
150 seconds
General
-
Target
˵.exe
-
Size
660KB
-
MD5
bdd96c60a76ecb2986d6a5bf965c3a76
-
SHA1
fa4132afe95907cafa7ed225327d3533edc67347
-
SHA256
2f5a814ed6f9419d740ea7634fa22bf8ba7c6b3976d4eb685c59bcd4ffb8925c
-
SHA512
4a8785681e57eb2e839cd86c8cb588cc6f629c8c6f71f2dd8224112e5a023c72eef66c21923d1712a2e38503bbbace1ecdfc9689dd86b34ea7975a2775a733d5
-
SSDEEP
12288:1QKLmqqtJv0N0H9n2QqFzaWSl1GLYJgweEzxlU/xg2tB4keigwGok9DFYJ:Oimqwt+StTqFmTJiElNMB/eigFYJ
Score
8/10
Malware Config
Signatures
-
Processes:
resource yara_rule behavioral1/memory/268-55-0x0000000000400000-0x0000000000673000-memory.dmp vmprotect behavioral1/memory/268-58-0x0000000000400000-0x0000000000673000-memory.dmp vmprotect behavioral1/memory/268-59-0x0000000000400000-0x0000000000673000-memory.dmp vmprotect -
Suspicious behavior: EnumeratesProcesses 11 IoCs
Processes:
˵.exepid process 268 ˵.exe 268 ˵.exe 268 ˵.exe 268 ˵.exe 268 ˵.exe 268 ˵.exe 268 ˵.exe 268 ˵.exe 268 ˵.exe 268 ˵.exe 268 ˵.exe -
Suspicious use of SetWindowsHookEx 2 IoCs
Processes:
˵.exepid process 268 ˵.exe 268 ˵.exe
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/268-54-0x0000000075891000-0x0000000075893000-memory.dmpFilesize
8KB
-
memory/268-55-0x0000000000400000-0x0000000000673000-memory.dmpFilesize
2.4MB
-
memory/268-58-0x0000000000400000-0x0000000000673000-memory.dmpFilesize
2.4MB
-
memory/268-59-0x0000000000400000-0x0000000000673000-memory.dmpFilesize
2.4MB