Overview

overview

8

Static

static

8

a783fca4b2...54.exe

windows7-x64

a783fca4b2...54.exe

windows10-2004-x64

Analysis

  • max time kernel
    1s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    01-12-2022 19:58

Sharing

Copy URL
Twitter E-mail

Errors

Reason
platform exec: image=C:\Users\Admin\AppData\Local\Temp\a783fca4b2b29f59b38a71124c4f9f5f49f45a1c5aff4c65c750bf9426f0b454.exe command="C:\Users\Admin\AppData\Local\Temp\a783fca4b2b29f59b38a71124c4f9f5f49f45a1c5aff4c65c750bf9426f0b454.exe" wdir=C:\Users\Admin\AppData\Local\Temp Payload error: The %1 application cannot be run in Win32 mode.
Report Analysis Logs

General

  • Target

    a783fca4b2b29f59b38a71124c4f9f5f49f45a1c5aff4c65c750bf9426f0b454.exe

  • Size

    719KB

  • MD5

    35f81e6330f01a9c0fce68b4cdcfef4a

  • SHA1

    7a97401d85794fefe36ee879646cea97b3cdc1a7

  • SHA256

    a783fca4b2b29f59b38a71124c4f9f5f49f45a1c5aff4c65c750bf9426f0b454

  • SHA512

    a9ea19cefa4cb4c7be46001894093e5f6a79074b09403fcb50ff1f09692572deceab508ac0b778f7164c04c9d357b2e3c4c943f56dc69704e1942f7152a4009b

  • SSDEEP

    12288:3dbxHBSnRSHpwdJ3kiBWIQ92HVypUOz/a6odNUAC1Yr6LY:39xCsAJ0iBs2yfRodNUZyrEY

Score
8/10
vmprotect

Malware Config

Signatures

  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect

Processes

  • C:\Users\Admin\AppData\Local\Temp\a783fca4b2b29f59b38a71124c4f9f5f49f45a1c5aff4c65c750bf9426f0b454.exe
    "C:\Users\Admin\AppData\Local\Temp\a783fca4b2b29f59b38a71124c4f9f5f49f45a1c5aff4c65c750bf9426f0b454.exe"
    1⤵
      PID:1844

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1844-54-0x0000000000010000-0x0000000000168000-memory.dmp

      Filesize

      1.3MB

      Download