Overview

overview

7

Static

static

7

46b9ee3589...dc.exe

windows7-x64

7

46b9ee3589...dc.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    152s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/11/2023, 01:39

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    46b9ee358978e07a660a06d21bb73badbb4f80d233d25adf2ec46e34ac29dfdc.exe

  • Size

    9.3MB

  • MD5

    11af0b0156bb8e8fbfc3a0f99dfaa416

  • SHA1

    aa9ea25affae531845fe7487e2aea17394f2ba72

  • SHA256

    46b9ee358978e07a660a06d21bb73badbb4f80d233d25adf2ec46e34ac29dfdc

  • SHA512

    02f220d44ce04c7f33f3c0f4f4829ac5eb6018e57110b2e3add48fa4e5171b792ed56d17093b6059dd35c1474bcbccd188a93730a8a9743d2ddf64c022a43c2a

  • SSDEEP

    196608:kLCW7JkunKH+BbNxWTx7ufxrrS5hls1uETA0TsBz:kn7+unGMbNxtrrOls3MV

Score
7/10
vmprotect

Malware Config

Signatures

  • VMProtect packed file 3 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect
  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\46b9ee358978e07a660a06d21bb73badbb4f80d233d25adf2ec46e34ac29dfdc.exe
    "C:\Users\Admin\AppData\Local\Temp\46b9ee358978e07a660a06d21bb73badbb4f80d233d25adf2ec46e34ac29dfdc.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2140

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2140-0-0x00000000018B0000-0x00000000018B1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2140-1-0x0000000000400000-0x00000000015F5000-memory.dmp

          Filesize

          18.0MB

          Download

        • memory/2140-3-0x0000000001D70000-0x0000000001D71000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2140-2-0x0000000001D60000-0x0000000001D61000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2140-4-0x0000000001DA0000-0x0000000001DA1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2140-6-0x00000000034E0000-0x00000000034E1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2140-7-0x0000000000400000-0x00000000015F5000-memory.dmp

          Filesize

          18.0MB

          Download

        • memory/2140-8-0x00000000034F0000-0x00000000034F1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2140-5-0x00000000034D0000-0x00000000034D1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2140-9-0x0000000003500000-0x0000000003501000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2140-13-0x0000000010000000-0x0000000010116000-memory.dmp

          Filesize

          1.1MB

          Download

        • memory/2140-17-0x0000000000400000-0x00000000015F5000-memory.dmp

          Filesize

          18.0MB

          Download