Analysis

  • max time kernel
    115s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20230220-en locale:en-us os:windows10-2004-x64 system
  • submitted
    15-03-2023 13:32

General

  • Target

    Multi-X_v1.2-Unpacked.exe

  • Size

    24.6MB

  • MD5

    cf386e252de869bbcd0f226a95857509

  • SHA1

    6ebbaff3e4448c73b89298d5fb972d18026a40e8

  • SHA256

    cc4efaaba90c0141aecfe2992543ffdc9b80b20d8213b51f52606861fd5bad89

  • SHA512

    9b5073709369822113004d7a5bde324234a3d7e98b5e69f1abaa4a4f7c75ef98ad75cc38fa6bb8ed882299d05be6e46d5593c48595f2b3e1e1edb75368e4dce6

  • SSDEEP

    196608:fhuGzT1iRHmGUDXeOaJVivbsv6wX7KAltYBMzm0k1ipuQxYWMs+y4A:fhueqGxDXeJJV2wF88Ispuy

Score
7/10

Malware Config

Signatures

  • Obfuscated with Agile.Net obfuscator 1 IoCs

    Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Multi-X_v1.2-Unpacked.exe
    "C:\Users\Admin\AppData\Local\Temp\Multi-X_v1.2-Unpacked.exe"
      PID:5016
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 5016 -s 804
        • Program crash
        PID:3972
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 5016 -ip 5016
        PID:2096

Network

MITRE ATT&CK Matrix

Downloads

  • memory/5016-133-0x0000000000090000-0x00000000008F2000-memory.dmp
    Filesize

    8.4MB