Analysis
-
max time kernel
151s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system -
submitted
27-11-2022 04:53
Behavioral task
behavioral1
Sample
789081272900bfd5ce0d0dd0045fbadedcef240416620893358981ba1afcda00.exe
Resource
win7-20221111-en
5 signatures
150 seconds
Behavioral task
behavioral2
Sample
789081272900bfd5ce0d0dd0045fbadedcef240416620893358981ba1afcda00.exe
Resource
win10v2004-20221111-en
2 signatures
150 seconds
General
-
Target
789081272900bfd5ce0d0dd0045fbadedcef240416620893358981ba1afcda00.exe
-
Size
10.2MB
-
MD5
a191675d5299956bcab6c52668760efe
-
SHA1
1180050f6043ea1e587595a08621bdc3230cc072
-
SHA256
789081272900bfd5ce0d0dd0045fbadedcef240416620893358981ba1afcda00
-
SHA512
814205105e9169a102482088efcbeed3959d53cb7b6c5a75d5b69e4fcca0db1c2219468048670ba1ae12bfe366f71f04528b838de9857da74f5dee8a172d68ac
-
SSDEEP
196608:kTL5o5oAssNIte1cmk+385NGp1I0wfSZBZN27:7573cmktNGpK0xZB
Score
8/10
Malware Config
Signatures
-
Processes:
resource yara_rule behavioral2/memory/2164-133-0x0000000000400000-0x0000000000E64000-memory.dmp vmprotect behavioral2/memory/2164-134-0x0000000000400000-0x0000000000E64000-memory.dmp vmprotect behavioral2/memory/2164-135-0x0000000000400000-0x0000000000E64000-memory.dmp vmprotect -
Suspicious use of SetWindowsHookEx 2 IoCs
Processes:
789081272900bfd5ce0d0dd0045fbadedcef240416620893358981ba1afcda00.exepid process 2164 789081272900bfd5ce0d0dd0045fbadedcef240416620893358981ba1afcda00.exe 2164 789081272900bfd5ce0d0dd0045fbadedcef240416620893358981ba1afcda00.exe