Overview

overview

8

Static

static

8

87fce05bf8...05.exe

windows7-x64

87fce05bf8...05.exe

windows10-2004-x64

Analysis

  • max time kernel
    25s
  • max time network
    27s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-11-2022 06:13

Sharing

Copy URL
Twitter E-mail

Errors

Reason
platform exec: image=C:\Users\Admin\AppData\Local\Temp\87fce05bf80f7b8330316b81671a62c8778d9bd2be4be1bcd78badd9b1e67905.exe command="C:\Users\Admin\AppData\Local\Temp\87fce05bf80f7b8330316b81671a62c8778d9bd2be4be1bcd78badd9b1e67905.exe" wdir=C:\Users\Admin\AppData\Local\Temp Payload error: The %1 application cannot be run in Win32 mode.
Report Analysis Logs

General

  • Target

    87fce05bf80f7b8330316b81671a62c8778d9bd2be4be1bcd78badd9b1e67905.exe

  • Size

    58KB

  • MD5

    c7a7bca94a77077a9b52aafacafc2ac0

  • SHA1

    10c6ede8b7b1162ab023756ebe402d1681cff6f4

  • SHA256

    87fce05bf80f7b8330316b81671a62c8778d9bd2be4be1bcd78badd9b1e67905

  • SHA512

    50f34d937fa46981e5bf28cb4bfab94a33fe5721f17f8cb149b6efae99b8dd5fc442c9ea1a52209d67fcdfea66cfe083befa34a1c41ee7afb2f79cf5fc83e5e8

  • SSDEEP

    1536:sKMDi2CVG+V/69w6yehpOj7MxtHvSscTPt17nfSXXz0jkSoM1Z:oDi2CVPWw6xgj7MxtHY7naXXz0jkSoMr

Score
8/10
vmprotect

Malware Config

Signatures

  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect

Processes

  • C:\Users\Admin\AppData\Local\Temp\87fce05bf80f7b8330316b81671a62c8778d9bd2be4be1bcd78badd9b1e67905.exe
    "C:\Users\Admin\AppData\Local\Temp\87fce05bf80f7b8330316b81671a62c8778d9bd2be4be1bcd78badd9b1e67905.exe"
    1⤵
      PID:824

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/824-132-0x0000000000010000-0x0000000000028000-memory.dmp
      Filesize

      96KB

      Download