Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    21/12/2023, 22:42

General

  • Target

    186ee73e81e15e08dc29a5505008afe8.exe

  • Size

    6.4MB

  • MD5

    186ee73e81e15e08dc29a5505008afe8

  • SHA1

    e7d5c5ee29887b9f39a8682e3d5355dd444a6deb

  • SHA256

    0d9eb861d6a0e73acf0b2eaee5e1c25f429b616c1fa6dc2c10b2619c88d60cd7

  • SHA512

    bbaad8d51aa4a5d8d6b40b0ed3bb49ef260f09eba970ae11843340713c1010dd76834a01b23966f2c9aedf707fb4d67e915b5526ea2dd23ffe128a99c6bd7215

  • SSDEEP

    196608:mthgfctYCVCTcurXmAc90TFCQrroAiFshCYrN6:mwKYmke9UCQrME76

Score
7/10

Malware Config

Signatures

  • VMProtect packed file 3 IoCs

    Detects executables packed with VMProtect commercial packer.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\186ee73e81e15e08dc29a5505008afe8.exe
    "C:\Users\Admin\AppData\Local\Temp\186ee73e81e15e08dc29a5505008afe8.exe"
    • Suspicious behavior: EnumeratesProcesses
    PID:2088

Network

        MITRE ATT&CK Matrix


        Downloads
