Overview

overview

7

Static

static

7

12d629fef5...8e.exe

windows7-x64

7

12d629fef5...8e.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    08/10/2023, 07:07

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    12d629fef52819625bcb31174e2ae10549cf3c27a92fcdf34443f580dcd1c98e.exe

  • Size

    12.9MB

  • MD5

    ac8332761898e12c81b4a84e1c6b5f56

  • SHA1

    7b3b874f7708ce3f15b96502722ec9cedced0a4b

  • SHA256

    12d629fef52819625bcb31174e2ae10549cf3c27a92fcdf34443f580dcd1c98e

  • SHA512

    f219000635716fc1a538321668db2fd1cad19a898d17958c18782b07e4afed2431b8864900e737ab158fcd6da61fecff7c93459ab82bd26ef600d40ee6cf632a

  • SSDEEP

    393216:N7Kjt7dVxFo9CssbvuQu3hyFnYevQ6zELawA7fbg6woN:NOjt0s5zu3hyb46zEONfo

Score
7/10
upxvmprotect

Malware Config

Signatures

  • UPX packed file 10 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • VMProtect packed file 4 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\12d629fef52819625bcb31174e2ae10549cf3c27a92fcdf34443f580dcd1c98e.exe
    "C:\Users\Admin\AppData\Local\Temp\12d629fef52819625bcb31174e2ae10549cf3c27a92fcdf34443f580dcd1c98e.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2776

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2776-0-0x0000000000230000-0x0000000000231000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2776-2-0x0000000000230000-0x0000000000231000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2776-5-0x0000000000400000-0x0000000001D4E000-memory.dmp

          Filesize

          25.3MB

          Download

        • memory/2776-4-0x0000000000230000-0x0000000000231000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2776-6-0x0000000000250000-0x0000000000251000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2776-8-0x0000000000250000-0x0000000000251000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2776-10-0x0000000000250000-0x0000000000251000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2776-12-0x0000000000400000-0x0000000001D4E000-memory.dmp

          Filesize

          25.3MB

          Download

        • memory/2776-14-0x0000000000260000-0x0000000000261000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2776-16-0x0000000000260000-0x0000000000261000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2776-21-0x0000000000270000-0x0000000000271000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2776-19-0x0000000000270000-0x0000000000271000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2776-24-0x0000000000280000-0x0000000000281000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2776-26-0x0000000000280000-0x0000000000281000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2776-31-0x0000000000290000-0x0000000000291000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2776-29-0x0000000000290000-0x0000000000291000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2776-34-0x00000000002A0000-0x00000000002A1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2776-32-0x00000000002A0000-0x00000000002A1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2776-37-0x0000000077CE0000-0x0000000077CE1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2776-36-0x00000000002A0000-0x00000000002A1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2776-41-0x0000000010000000-0x00000000105A1000-memory.dmp

          Filesize

          5.6MB

          Download

        • memory/2776-42-0x0000000010000000-0x00000000105A1000-memory.dmp

          Filesize

          5.6MB

          Download

        • memory/2776-43-0x0000000003E40000-0x00000000043E1000-memory.dmp

          Filesize

          5.6MB

          Download

        • memory/2776-44-0x0000000003E40000-0x00000000043E1000-memory.dmp

          Filesize

          5.6MB

          Download

        • memory/2776-45-0x0000000003E40000-0x00000000043E1000-memory.dmp

          Filesize

          5.6MB

          Download

        • memory/2776-47-0x0000000003E40000-0x00000000043E1000-memory.dmp

          Filesize

          5.6MB

          Download

        • memory/2776-46-0x0000000003E40000-0x00000000043E1000-memory.dmp

          Filesize

          5.6MB

          Download

        • memory/2776-48-0x0000000003E40000-0x00000000043E1000-memory.dmp

          Filesize

          5.6MB

          Download

        • memory/2776-49-0x00000000003D0000-0x00000000003D1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2776-50-0x0000000000400000-0x0000000001D4E000-memory.dmp

          Filesize

          25.3MB

          Download

        • memory/2776-51-0x0000000000400000-0x0000000001D4E000-memory.dmp

          Filesize

          25.3MB

          Download

        • memory/2776-52-0x0000000010000000-0x00000000105A1000-memory.dmp

          Filesize

          5.6MB

          Download

        • memory/2776-53-0x0000000003E40000-0x00000000043E1000-memory.dmp

          Filesize

          5.6MB

          Download