Overview

overview

7

Static

static

7

57cf40adfc...ea.exe

windows7-x64

7

57cf40adfc...ea.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    127s
  • max time network
    132s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/08/2023, 08:56

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    57cf40adfc36ca189e4a7a535ec42cf136ac6dd514c6247fdd008c9ea456c1ea.exe

  • Size

    2.2MB

  • MD5

    85e4a2e89ea63ef5f7efc216ad3fa0d5

  • SHA1

    d6fd614b9fc2ed36e980e69ccd0b49293ac76e39

  • SHA256

    57cf40adfc36ca189e4a7a535ec42cf136ac6dd514c6247fdd008c9ea456c1ea

  • SHA512

    aed83433425f785a774d9b5d9173de6ae4df5e1c0bc9ce239fb0a04535a3bda9997af7b8506a0df5ea0abadb3c9432bf8f86768308d51925d1ba947505b4f55b

  • SSDEEP

    49152:kj8+v+BCMbV4YDM4OgQ5s7XwMgfF8Fg/7H4IIunl/x:kjNLWALXKu

Score
7/10
vmprotect

Malware Config

Signatures

  • VMProtect packed file 3 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\57cf40adfc36ca189e4a7a535ec42cf136ac6dd514c6247fdd008c9ea456c1ea.exe
    "C:\Users\Admin\AppData\Local\Temp\57cf40adfc36ca189e4a7a535ec42cf136ac6dd514c6247fdd008c9ea456c1ea.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2692

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2692-133-0x0000000000400000-0x00000000008B3000-memory.dmp

          Filesize

          4.7MB

          Download

        • memory/2692-135-0x0000000000400000-0x00000000008B3000-memory.dmp

          Filesize

          4.7MB

          Download

        • memory/2692-137-0x0000000076A80000-0x0000000076A81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2692-138-0x0000000077EB0000-0x0000000077EB1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2692-139-0x0000000002880000-0x00000000028DF000-memory.dmp

          Filesize

          380KB

          Download

        • memory/2692-140-0x0000000000400000-0x00000000008B3000-memory.dmp

          Filesize

          4.7MB

          Download