24e8c911a34e784acfeae70252c1c4c27c7d40883eeee9871d97691bcc0f9df7 | Triage

Submit
Reports

Overview

overview

Static

static

EMPRESS/EMP.dll

windows7-x64

9

EMPRESS/EMP.dll

windows10-2004-x64

9

EMPRESS/am...64.dll

windows7-x64

9

EMPRESS/am...64.dll

windows10-2004-x64

9

EMPRESS/re4.exe

windows7-x64

1

EMPRESS/re4.exe

windows10-2004-x64

1

EMPRESS/st...64.dll

windows7-x64

1

EMPRESS/st...64.dll

windows10-2004-x64

1

EMPRESS/st...64.dll

windows7-x64

1

EMPRESS/st...64.dll

windows10-2004-x64

3

Extras/Res...er.exe

windows7-x64

1

Extras/Res...er.exe

windows10-2004-x64

1

Analysis

max time kernel
146s
max time network
186s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
18-05-2023 13:23

Sharing

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

EMPRESS/EMP.dll

Resource

win7-20230220-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

EMPRESS/EMP.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral3

Sample

EMPRESS/amd_ags_x64.dll

Resource

win7-20230220-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

EMPRESS/amd_ags_x64.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral5

Sample

EMPRESS/re4.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

EMPRESS/re4.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

EMPRESS/steam_api64.dll

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

EMPRESS/steam_api64.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

EMPRESS/steam_api64.dll

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

EMPRESS/steam_api64.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral11

Sample

Extras/Resident Evil 4 v1.0-v20230424 Plus 36 Trainer.exe

Resource

win7-20230220-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral12

Sample

Extras/Resident Evil 4 v1.0-v20230424 Plus 36 Trainer.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

EMPRESS/re4.exe
Size

528.0MB
MD5

889ae906f7906185e55eee339c7a98b4
SHA1

74b293a413b00bbfe3d54c64e2772762d20b6cc9
SHA256

656b8f8bce6dca7aa4294576bc8a0faf9d8860aa60bdba1c182c35be09413d9d
SHA512

0f13cfa9a2fcd4f4e781a4422cc5f6b0b3a3b15d1b006edd91225a470113fdfe14b49e66aad91571a38fedfdefa29a14fc3ff23cec2cd2771ae48f23d7fef743
SSDEEP

3145728:q0kQJSxSGr5c+rKjQSTjqiHxoFZV0rKozIAMk1w:plST5uRjqiaFZwX

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\EMPRESS\re4.exe
"C:\Users\Admin\AppData\Local\Temp\EMPRESS\re4.exe"
1⤵
PID:2480

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy