0cf3e8db566d34f19d7c2df598f038542439d1f48e4b228d04c0a5469a62290b | Triage

Submit
Reports

Overview

overview

7

Static

static

1

Andromeda v2.06.rar

windows10-2004-x64

7

Andromeda Builder.exe

windows10-2004-x64

5

Anti vmwar...re.exe

windows10-2004-x64

1

Panel/plug...ex.ps1

windows10-2004-x64

1

Analysis

max time kernel
822s
max time network
1219s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
27-02-2023 21:59

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Andromeda v2.06.rar

Resource

win10v2004-20230220-en

windows10-2004-x64

8 signatures

1800 seconds

Behavioral task

behavioral2

Sample

Andromeda Builder.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

4 signatures

1800 seconds

Behavioral task

behavioral3

Sample

Anti vmware/start_me_on_vm_before.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral4

Sample

Panel/plugins/socks4/index.ps1

Resource

win10v2004-20230220-en

windows10-2004-x64

2 signatures

1800 seconds

Report Analysis Logs

General

Target

Anti vmware/start_me_on_vm_before.exe
Size

1KB
MD5

8d79c79221f14603ddf8dec439a54385
SHA1

1c18b7d7b5aeadbbe1eb8ec99a083c8feacf4312
SHA256

07dffeb663f93a6311d9f70c596c0255d35b54ec2eb5b2c608ff096e0e58923c
SHA512

63ad336a1119440586544b02baa0f7a1ea1a6bb1142893adeec7ca7e430ceaf078332bd8a0bcbdc69165077c691bfa87c89795b2ab2b4b946f9c8fc095d799fc

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\Anti vmware\start_me_on_vm_before.exe
"C:\Users\Admin\AppData\Local\Temp\Anti vmware\start_me_on_vm_before.exe"
1⤵
PID:1484

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1484-133-0x0000000000400000-0x0000000000402000-memory.dmp

Filesize
8KB

Download

© 2018-2024

Terms | Privacy