Analysis

  • max time kernel
    92s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
  • submitted
    22/12/2023, 00:07

General

  • Target

    308b3ee5afb967a4b4d97e80e8de9b9b.exe

  • Size

    7.0MB

  • MD5

    308b3ee5afb967a4b4d97e80e8de9b9b

  • SHA1

    8fa3f0e37be0ae7178e12fbf1b8172dc5d64692f

  • SHA256

    be7e9ca4df87a899bbe0d3e9b880f90f6da66b0fd95bf991b7533c5c5c0890d2

  • SHA512

    3889b3b5d88a86a83bac2604fb48361c03019c4eed653fc45161d23106a5beccdb530f102d1cdb2f5a9d9ba62f421824de529f2b84563b8cd0bac33953113b55

  • SSDEEP

    196608:jkWCnB0b0XCXcMrRLUX+LP6OPsZfB/bp1fOX5:gWGBY7sE+O0NjNOJ

Score
7/10

Malware Config

Signatures

  • VMProtect packed file 3 IoCs

    Detects executables packed with VMProtect commercial packer.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\308b3ee5afb967a4b4d97e80e8de9b9b.exe
    "C:\Users\Admin\AppData\Local\Temp\308b3ee5afb967a4b4d97e80e8de9b9b.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:2168
    • C:\Windows\system32\cmd.exe
      C:\Windows\system32\cmd.exe /c cls
        PID:1884

    Network

          MITRE ATT&CK Matrix

          Downloads

          • memory/2168-0-0x00007FFDE8EB0000-0x00007FFDE8EB2000-memory.dmp

            Filesize

            8KB

          • memory/2168-2-0x00007FF66DE40000-0x00007FF66EC67000-memory.dmp

            Filesize

            14.2MB

          • memory/2168-1-0x00007FF66DE40000-0x00007FF66EC67000-memory.dmp

            Filesize

            14.2MB

          • memory/2168-6-0x00007FF66DE40000-0x00007FF66EC67000-memory.dmp

            Filesize

            14.2MB