Analysis
-
max time kernel
149s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
27-11-2022 13:13
General
-
Target
b4b2debd045f4dbf117d8e4b2a63211d9fdd8be262e093040f340d59e688b273.exe
-
Size
2.8MB
-
MD5
87f1e27268a03579c9661bf72d857178
-
SHA1
653e1c59b1e06490aef60721b727155ec7614431
-
SHA256
b4b2debd045f4dbf117d8e4b2a63211d9fdd8be262e093040f340d59e688b273
-
SHA512
c1a8ef45707f5eac000d81e25e625e6bc2ce77297455189273bbdbed68df4bf3325b9edd7c02ecea7dd1b345ed49e7df080aa8ae8bbcd373a0977bbd7decd353
-
SSDEEP
49152:TdnYuFU8tOpZSbpcInFZR5X9mHqbTEiZx0nwiQoUJgs1mibp75OtIg9BuMr:TdnYuiE00d/VfbTEw4wJ1mwdMHzj
Score
8/10
Malware Config
Signatures
-
VMProtect packed file 7 IoCs
Detects executables packed with VMProtect commercial packer.
-
Suspicious behavior: EnumeratesProcesses 4 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\b4b2debd045f4dbf117d8e4b2a63211d9fdd8be262e093040f340d59e688b273.exe"C:\Users\Admin\AppData\Local\Temp\b4b2debd045f4dbf117d8e4b2a63211d9fdd8be262e093040f340d59e688b273.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2284-132-0x0000000000400000-0x0000000000A2C000-memory.dmpFilesize
6.2MB
-
memory/2284-133-0x0000000000400000-0x0000000000A2C000-memory.dmpFilesize
6.2MB
-
memory/2284-135-0x0000000000400000-0x0000000000A2C000-memory.dmpFilesize
6.2MB
-
memory/2284-136-0x0000000000400000-0x0000000000A2C000-memory.dmpFilesize
6.2MB
-
memory/2284-137-0x0000000002C80000-0x0000000002E4D000-memory.dmpFilesize
1.8MB
-
memory/2284-139-0x0000000002C80000-0x0000000002E4D000-memory.dmpFilesize
1.8MB
-
memory/2284-143-0x0000000002C80000-0x0000000002E4D000-memory.dmpFilesize
1.8MB
-
memory/2284-144-0x0000000002C80000-0x0000000002E4D000-memory.dmpFilesize
1.8MB