Overview

overview

3

Static

static

1

VapeClient.exe

windows7-x64

3

VapeClient.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    77s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    05-03-2023 02:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    VapeClient.exe

  • Size

    83.0MB

  • MD5

    82b5f4ea17aa15db99ea51a6ea80f92e

  • SHA1

    c6f5253d6d402e75f3b5126e1fd829837c99e11a

  • SHA256

    82a7965a88e6f34c6f211bc22ce139330a086f5aa39beec91185f49456cd4ba8

  • SHA512

    c298043ac74f590d2c68254929a2e40b332164d195786e824b015b5554a2806f25d00b5c0577812c4b6078fa81fb38219ce024416413ccff8f1274cc46ae3e88

  • SSDEEP

    1572864:j12FG3hSEQ5JjrQyBY7GuK1acWcLD9bnHH+z9gn/2Ne0lZsQT9YwyEsQWDspI5:oIonjrQyBGGuK0xe9bn+z2/2s0lZV9YX

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\VapeClient.exe
    "C:\Users\Admin\AppData\Local\Temp\VapeClient.exe"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    PID:1992

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads