Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    22/12/2023, 07:21

General

  • Target

    78c7b9f3f512b0d6aacf63efc0b10be6.exe

  • Size

    2.2MB

  • MD5

    78c7b9f3f512b0d6aacf63efc0b10be6

  • SHA1

    870f4af0a82c93beea0ec33a1ab81f7a8a27fc04

  • SHA256

    cec01ec497f814484451e18589faa86f09367c2cc005d5cd5f64eedde0860010

  • SHA512

    62248dfde3f49ebe0d4731d227daf8e50a12649a583bcce1cd87b1a2dd96242f70b9c000d59a2267eb250ab039288896e1c0f6c3f6b34eb3d0afafaf9d2c0223

  • SSDEEP

    49152:KCdubdO/rcOAEWCbskBaqaIPcRQdn/IoWuBuqvsYMRExz0:KCX/rnpYkBZHc4n/I6J9x4

Score
7/10

Malware Config

Signatures

  • VMProtect packed file 29 IoCs

    Detects executables packed with VMProtect commercial packer.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\78c7b9f3f512b0d6aacf63efc0b10be6.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\78c7b9f3f512b0d6aacf63efc0b10be6.exe"
    PID: 1964
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: GetForegroundWindowSpam

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1964-0-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-1-0x00000000000F0000-0x00000000000F1000-memory.dmp (4KB)
  • memory/1964-3-0x00000000000F0000-0x00000000000F1000-memory.dmp (4KB)
  • memory/1964-5-0x00000000000F0000-0x00000000000F1000-memory.dmp (4KB)
  • memory/1964-6-0x0000000000180000-0x0000000000181000-memory.dmp (4KB)
  • memory/1964-8-0x0000000000180000-0x0000000000181000-memory.dmp (4KB)
  • memory/1964-10-0x0000000000180000-0x0000000000181000-memory.dmp (4KB)
  • memory/1964-13-0x0000000000190000-0x0000000000191000-memory.dmp (4KB)
  • memory/1964-15-0x0000000000190000-0x0000000000191000-memory.dmp (4KB)
  • memory/1964-18-0x00000000001B0000-0x00000000001B1000-memory.dmp (4KB)
  • memory/1964-20-0x00000000001B0000-0x00000000001B1000-memory.dmp (4KB)
  • memory/1964-23-0x00000000001C0000-0x00000000001C1000-memory.dmp (4KB)
  • memory/1964-25-0x00000000001C0000-0x00000000001C1000-memory.dmp (4KB)
  • memory/1964-28-0x00000000001D0000-0x00000000001D1000-memory.dmp (4KB)
  • memory/1964-30-0x00000000001D0000-0x00000000001D1000-memory.dmp (4KB)
  • memory/1964-31-0x00000000001E0000-0x00000000001E1000-memory.dmp (4KB)
  • memory/1964-33-0x00000000001E0000-0x00000000001E1000-memory.dmp (4KB)
  • memory/1964-35-0x00000000001E0000-0x00000000001E1000-memory.dmp (4KB)
  • memory/1964-36-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-38-0x00000000773A0000-0x00000000773A1000-memory.dmp (4KB)
  • memory/1964-40-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-41-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-42-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-43-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-44-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-45-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-46-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-47-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-48-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-49-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-50-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-51-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-52-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-53-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-54-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-55-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-56-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-57-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-58-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-59-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-60-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-61-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-62-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-63-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-65-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-64-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)
  • memory/1964-92-0x0000000000E90000-0x000000000133F000-memory.dmp (4.7MB)