252cb2ee5651dad32f76c1f5e00f6948b88080a5a41e5ca52fc89c0fc028e061

Analysis

max time kernel
120s
max time network
130s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
13/10/2023, 00:17

Target

252cb2ee5651dad32f76c1f5e00f6948b88080a5a41e5ca52fc89c0fc028e061.exe
Size

6.3MB
MD5

78d62cec2ecb8763011bc3686fb43158
SHA1

11514df4184afb1db78fd65b477f25af2f8ea620
SHA256

252cb2ee5651dad32f76c1f5e00f6948b88080a5a41e5ca52fc89c0fc028e061
SHA512

0566c7cc0e97c70444062a5499647023243574ae0c1ba8b8a7648208895f2d2893774be0001dbd996a3860a5b37ff6fed075eaee4e4ee25328a14649cfb00c19
SSDEEP

196608:UcI3OMKRfzNOrVmcRX8CsM5vXVaE2NWoXOtfXey:UK/R5+/RX8Yd7+Wya

Score

7^/10

vmprotect

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

resource	yara_rule
behavioral1/memory/2020-0-0x00000000001C0000-0x0000000000815000-memory.dmp	vmprotect

C:\Users\Admin\AppData\Local\Temp\252cb2ee5651dad32f76c1f5e00f6948b88080a5a41e5ca52fc89c0fc028e061.exe
"C:\Users\Admin\AppData\Local\Temp\252cb2ee5651dad32f76c1f5e00f6948b88080a5a41e5ca52fc89c0fc028e061.exe"
1⤵
PID:2020

memory/2020-0-0x00000000001C0000-0x0000000000815000-memory.dmp

Filesize
6.3MB

Download