Analysis
max time kernel
30s
max time network
33s
platform
windows7_x64
resource
win7-20230220-en
resource tags
arch:x64 arch:x86 image:win7-20230220-en locale:en-us os:windows7-x64 system
submitted
04-04-2023 01:42
Behavioral task
behavioral1
Sample
7e574a5a664ca46b7b3ccac03655553e3bab5033b435aa5bbb12dfb80adab21e.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
7e574a5a664ca46b7b3ccac03655553e3bab5033b435aa5bbb12dfb80adab21e.exe
Resource
win10v2004-20230220-en
General
Target
7e574a5a664ca46b7b3ccac03655553e3bab5033b435aa5bbb12dfb80adab21e.exe
Size
1.3MB
MD5
88456780bbdb79f303286d8283048247
SHA1
3a4de37d37418dbf4c2e371104af71daa53ac965
SHA256
7e574a5a664ca46b7b3ccac03655553e3bab5033b435aa5bbb12dfb80adab21e
SHA512
d1ae9c5b5405d77dbcc6fcaeff6a2d48e4ff4e000b808967c78cd3518ca79824d124a016293eec930c5b9f2e47026c28d47bcfc2f31964ac8b7e93c8f5f44e59
SSDEEP
24576:pxnjyFdHg6ZEUEYGnqSNK8WbxXO6TftfhkRn6vAm3/2AZF3AvKM:zjyFdHUlxM8WlO6Tjk1KAm3/lZF2l
Malware Config
Signatures
Processes:
resource    yara_rule
behavioral1/memory/1240-54-0x0000000000400000-0x00000000006D5000-memory.dmp    vmprotect
behavioral1/memory/1240-56-0x0000000000400000-0x00000000006D5000-memory.dmp    vmprotect
behavioral1/memory/1240-57-0x0000000000400000-0x00000000006D5000-memory.dmp    vmprotect
Suspicious use of SetWindowsHookEx 4 IoCs
Processes:
7e574a5a664ca46b7b3ccac03655553e3bab5033b435aa5bbb12dfb80adab21e.exe
pid    process
1240    7e574a5a664ca46b7b3ccac03655553e3bab5033b435aa5bbb12dfb80adab21e.exe
1240    7e574a5a664ca46b7b3ccac03655553e3bab5033b435aa5bbb12dfb80adab21e.exe
1240    7e574a5a664ca46b7b3ccac03655553e3bab5033b435aa5bbb12dfb80adab21e.exe
1240    7e574a5a664ca46b7b3ccac03655553e3bab5033b435aa5bbb12dfb80adab21e.exe