Analysis

  • max time kernel
    72s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64 arch:x86 image:win7-20221111-en locale:en-us os:windows7-x64 system
  • submitted
    29-11-2022 05:03

Errors

Reason
platform exec: image=C:\Users\Admin\AppData\Local\Temp\95bb00b7d8c2a574b1b1ef8463798285f9c3250adc8cc88b083ddbadd0b94192.exe command="C:\Users\Admin\AppData\Local\Temp\95bb00b7d8c2a574b1b1ef8463798285f9c3250adc8cc88b083ddbadd0b94192.exe" wdir=C:\Users\Admin\AppData\Local\Temp Payload error: The %1 application cannot be run in Win32 mode.

General

  • Target

    95bb00b7d8c2a574b1b1ef8463798285f9c3250adc8cc88b083ddbadd0b94192.exe

  • Size

    882KB

  • MD5

    f16d87ca6201909cae04a73c0b977f91

  • SHA1

    8bcc60232322cfac3914c8e3ffaf57bb0d55383e

  • SHA256

    95bb00b7d8c2a574b1b1ef8463798285f9c3250adc8cc88b083ddbadd0b94192

  • SHA512

    7e5004ee6fd1b78bc9c261b467971044d0da69e32dc7c5ea93ed9fff2998ab44fb84df09fd0191906e09a091a65fe71a52b1d017d6d8b6a65197d70fd608895d

  • SSDEEP

    24576:Sat9uUX6euQt6TniOw2WwXmDwOxzN04Dg:SafucuQYHw2PXXgN

Score
8/10

Malware Config

Signatures

  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

Processes

  • C:\Users\Admin\AppData\Local\Temp\95bb00b7d8c2a574b1b1ef8463798285f9c3250adc8cc88b083ddbadd0b94192.exe
    "C:\Users\Admin\AppData\Local\Temp\95bb00b7d8c2a574b1b1ef8463798285f9c3250adc8cc88b083ddbadd0b94192.exe"
    1⤵
      PID:1224

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/1224-54-0x0000000000010000-0x00000000001BB000-memory.dmp
      Filesize

      1.7MB