Overview

overview

3

Static

static

3

VaM_Updater.exe

windows7-x64

1

VaM_Updater.exe

windows10-2004-x64

3

Resubmissions

28/11/2023, 00:58

231128-bblv5seb21 3

28/11/2023, 00:54

231128-a9b8xsea81 3

28/11/2023, 00:50

231128-a69p1sea8s 3

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    28/11/2023, 00:58

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    VaM_Updater.exe

  • Size

    1.4MB

  • MD5

    8cb96b8c474f3badff46984c6bc8fa41

  • SHA1

    95c186bb31eef27c45990545c3120ecf065edc19

  • SHA256

    5ad0f3423dfa7dc4e83c20a0631510bdcaa55c5669fcbb21ef86f1641ff962f1

  • SHA512

    13a1426b170b351f18f9115d4bdce5c2ec1f73e6822feeb39c2b196d404957ea2eaff35f0579d6f9a9a74818886fca40dd336a8023fa601a58ab4581ce697954

  • SSDEEP

    24576:YaO0n/Sf771Ej0WvowfPv+RRIUkr6IibqIjk2cvptJcy0PJ:TOS/sEzvrn+7IUsdibqIZcBtOy0

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\VaM_Updater.exe
    "C:\Users\Admin\AppData\Local\Temp\VaM_Updater.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:2944

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\MHLab.PATCH.dll
          Filesize

          152KB

          MD5

          8fea615acb188fad751db652cf9fe0b4

          SHA1

          168ba95d5f93fe7af8ce6fcbd97b68f4818aae94

          SHA256

          1553d5f929010a1e66f9230cc84bdc533eb97521c235d3b6792dcb923efe3a17

          SHA512

          b0561fad12aa54164818a3b936541aa9a12bd7ac24168b1ed559e925bb7b8596346995f9b2cc7575fea315606ee23d4c83665051e0f251b49cfc56bc78111f72

          Download Submit

        • memory/2944-17-0x000000001AE60000-0x000000001AEE0000-memory.dmp

          Filesize

          512KB

          Download

        • memory/2944-20-0x000000001AE60000-0x000000001AEE0000-memory.dmp

          Filesize

          512KB

          Download

        • memory/2944-6-0x0000000000260000-0x000000000028C000-memory.dmp

          Filesize

          176KB

          Download

        • memory/2944-9-0x0000000000260000-0x000000000028C000-memory.dmp

          Filesize

          176KB

          Download

        • memory/2944-1-0x000007FEF5840000-0x000007FEF622C000-memory.dmp

          Filesize

          9.9MB

          Download

        • memory/2944-12-0x00000000005B0000-0x00000000005BA000-memory.dmp

          Filesize

          40KB

          Download

        • memory/2944-2-0x000000001AE60000-0x000000001AEE0000-memory.dmp

          Filesize

          512KB

          Download

        • memory/2944-18-0x000000001AE60000-0x000000001AEE0000-memory.dmp

          Filesize

          512KB

          Download

        • memory/2944-13-0x00000000005B0000-0x00000000005BA000-memory.dmp

          Filesize

          40KB

          Download

        • memory/2944-19-0x000000001AE60000-0x000000001AEE0000-memory.dmp

          Filesize

          512KB

          Download

        • memory/2944-0-0x0000000000810000-0x0000000000988000-memory.dmp

          Filesize

          1.5MB

          Download

        • memory/2944-21-0x000007FEF5840000-0x000007FEF622C000-memory.dmp

          Filesize

          9.9MB

          Download

        • memory/2944-22-0x000000001AE60000-0x000000001AEE0000-memory.dmp

          Filesize

          512KB

          Download

        • memory/2944-23-0x00000000005B0000-0x00000000005BA000-memory.dmp

          Filesize

          40KB

          Download

        • memory/2944-24-0x000007FEF5840000-0x000007FEF622C000-memory.dmp

          Filesize

          9.9MB

          Download