Overview

overview

7

Static

static

7

f25d1e455b...87.exe

windows7-x64

7

f25d1e455b...87.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    22/09/2023, 02:09

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    f25d1e455b2b14f25d81bbc87a034b3d63de6867a3f18d50f832a9a633595a87.exe

  • Size

    6.7MB

  • MD5

    b89bfb351eae02b9d7b683fd7bd87d33

  • SHA1

    0c5afc16564c0fffeffd81989b19e18a4798c665

  • SHA256

    f25d1e455b2b14f25d81bbc87a034b3d63de6867a3f18d50f832a9a633595a87

  • SHA512

    e675d14deaea60194a7fe972ad2919b0e594ec976a09d6814fd1eb60a5eca1aa2ecc4cddc1ce9089d799431ded11eab7a6dda0d2960c19ceb76a44741847b094

  • SSDEEP

    196608:V3PS23a2T8zADyRfW6W/lAnwt+sJKi69:dab2AzADy86W/uwt9JKr9

Score
7/10
vmprotect

Malware Config

Signatures

  • VMProtect packed file 3 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f25d1e455b2b14f25d81bbc87a034b3d63de6867a3f18d50f832a9a633595a87.exe
    "C:\Users\Admin\AppData\Local\Temp\f25d1e455b2b14f25d81bbc87a034b3d63de6867a3f18d50f832a9a633595a87.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:2340

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2340-0-0x0000000000230000-0x0000000000231000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2340-3-0x0000000000400000-0x00000000014D5000-memory.dmp

          Filesize

          16.8MB

          Download

        • memory/2340-2-0x0000000000230000-0x0000000000231000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2340-5-0x0000000000230000-0x0000000000231000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2340-6-0x0000000000250000-0x0000000000251000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2340-9-0x0000000000250000-0x0000000000251000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2340-8-0x0000000000400000-0x00000000014D5000-memory.dmp

          Filesize

          16.8MB

          Download

        • memory/2340-11-0x0000000000250000-0x0000000000251000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2340-14-0x0000000000260000-0x0000000000261000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2340-24-0x0000000000280000-0x0000000000281000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2340-21-0x0000000000270000-0x0000000000271000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2340-31-0x0000000000290000-0x0000000000291000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2340-29-0x0000000000290000-0x0000000000291000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2340-26-0x0000000000280000-0x0000000000281000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2340-19-0x0000000000270000-0x0000000000271000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2340-16-0x0000000000260000-0x0000000000261000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2340-34-0x00000000002A0000-0x00000000002A1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2340-32-0x00000000002A0000-0x00000000002A1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2340-37-0x0000000077670000-0x0000000077671000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2340-36-0x00000000002A0000-0x00000000002A1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2340-43-0x0000000000400000-0x00000000014D5000-memory.dmp

          Filesize

          16.8MB

          Download