Overview

overview

8

Static

static

8

b98920e127...1d.exe

windows7-x64

b98920e127...1d.exe

windows10-2004-x64

Analysis

  • max time kernel
    1s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    06/12/2022, 07:55

Sharing

Copy URL
Twitter E-mail

Errors

Reason
platform exec: image=C:\Users\Admin\AppData\Local\Temp\b98920e1275c325dcdd055473576759844eecdab37d5020daecb6810d47aec1d.exe command="C:\Users\Admin\AppData\Local\Temp\b98920e1275c325dcdd055473576759844eecdab37d5020daecb6810d47aec1d.exe" wdir=C:\Users\Admin\AppData\Local\Temp Payload error: The %1 application cannot be run in Win32 mode.
Report Analysis Logs

General

  • Target

    b98920e1275c325dcdd055473576759844eecdab37d5020daecb6810d47aec1d.exe

  • Size

    180KB

  • MD5

    69b99b678c3ccf72f8578b5b56a7f975

  • SHA1

    d982466ca5b86d10a371639fa6d03165eb13834f

  • SHA256

    b98920e1275c325dcdd055473576759844eecdab37d5020daecb6810d47aec1d

  • SHA512

    3ddee5c7a391518007d14ca672d394a46c45d1610c8a760f51ca471195fcb6186f42618dc47da360a39e9a6305c7ff05cdb8ae4a1ecc9e856a6b6fa28ee3391d

  • SSDEEP

    3072:GRixf7CwU5rsVnY/8zvN2R9D/3qbpC6dnXHkketppLYCJ4HJeXkzPLuLlKNPxVn9:GKVnY/8zva/0pCqUkefJ4HJ9zjjN5To8

Score
8/10
vmprotect

Malware Config

Signatures

  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect

Processes

  • C:\Users\Admin\AppData\Local\Temp\b98920e1275c325dcdd055473576759844eecdab37d5020daecb6810d47aec1d.exe
    "C:\Users\Admin\AppData\Local\Temp\b98920e1275c325dcdd055473576759844eecdab37d5020daecb6810d47aec1d.exe"
    1⤵
      PID:780

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/780-54-0x0000000000010000-0x0000000000042000-memory.dmp

      Filesize

      200KB

      Download