Overview

overview

10

Static

static

7

-服务端.exe

windows10-2004-x64

8

1.exe

windows10-2004-x64

1

360tray.exe

windows10-2004-x64

7

Loader/专...31.exe

windows10-2004-x64

10

Microsoft.exe

windows10-2004-x64

1

a.exe

windows10-2004-x64

1

check-2023-08-01.exe

windows10-2004-x64

1

flashcente...cn.exe

windows10-2004-x64

7

muyyuvd.exe

windows10-2004-x64

7

pdf安装.exe

windows10-2004-x64

1

东方有�...��.exe

windows10-2004-x64

10

关于部�...��.exe

windows10-2004-x64

10

国家电�...��.exe

windows10-2004-x64

7

广东省�...��.exe

windows10-2004-x64

10

广东省�...07.exe

windows10-2004-x64

1

录屏精�...��.exe

windows10-2004-x64

7

火绒网�...��.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    170s
  • max time network
    177s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230831-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230831-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10-09-2023 14:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    muyyuvd.exe

  • Size

    1.4MB

  • MD5

    768e4477abc5c60667290601bfe58b8e

  • SHA1

    688c99ef523cff22a20bfe70b1a9d3855669ea21

  • SHA256

    e7c87b0791bdb4f723af07d7b6c8dd79c3d9e1667f7ff6ad271665f3755d6ab8

  • SHA512

    1c57a8671dd4623d434116c875c63b31df123896cd6e00d7d8daa8c4d9c9bf09d085f06f62c302a7b2a8ab08520d9bf49062e824e6b3420f75893f13b18284cc

  • SSDEEP

    12288:kTeEBQDPeK6zp48Tm9yLogwL8soAsgp8R3D0kUodp3nBigg/vwr2I4TgV:QehDPh6XoyEgGEARpvtoPx8Sg

Score
7/10
vmprotect

Malware Config

Signatures

  • VMProtect packed file 4 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect
  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\muyyuvd.exe
    "C:\Users\Admin\AppData\Local\Temp\muyyuvd.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    PID:2740

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2740-0-0x0000000000400000-0x0000000000564000-memory.dmp
    Filesize

    1.4MB

    Download
  • memory/2740-1-0x0000000000400000-0x0000000000564000-memory.dmp
    Filesize

    1.4MB

    Download
  • memory/2740-2-0x0000000000400000-0x0000000000564000-memory.dmp
    Filesize

    1.4MB

    Download
  • memory/2740-3-0x0000000000400000-0x0000000000564000-memory.dmp
    Filesize

    1.4MB

    Download