Analysis
max time kernel: 100s
max time network: 118s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 22/12/2023, 08:37
Behavioral task: behavioral1
Sample: 7dd25d53bd9dc1074001988f56904f3e.exe
Resource: win7-20231215-en
2 signatures
150 seconds

Behavioral task: behavioral2
Sample: 7dd25d53bd9dc1074001988f56904f3e.exe
Resource: win10v2004-20231215-en
2 signatures
150 seconds
General
Target: 7dd25d53bd9dc1074001988f56904f3e.exe
Size: 6.3MB
MD5: 7dd25d53bd9dc1074001988f56904f3e
SHA1: 1ba504d3b7cb958124023d619f8977fe98a16a22
SHA256: c451b9b570b2bbe801395febf97728a18b3fe3710948412b3d70dc7781ac2691
SHA512: f5153be844f60a464b4a17df756cf8564f228e61c9cb3505e86a9f55a38085700adf5d1da8324894872e74acedac3920c16a635915c79f1bc85864fe99da4a9f
SSDEEP: 196608:OoLCV8bNpSpXuAVMlAxuNFkM2yoT0COiQ:O4tKuAlxqFkByoT2iQ
Score: 7/10
Malware Config
Signatures
resource    yara_rule
behavioral1/memory/2192-4-0x0000000000400000-0x00000000015F8000-memory.dmp    vmprotect
behavioral1/memory/2192-38-0x0000000000400000-0x00000000015F8000-memory.dmp    vmprotect
behavioral1/memory/2192-41-0x0000000000400000-0x00000000015F8000-memory.dmp    vmprotect
Suspicious behavior: EnumeratesProcesses 2 IoCs
pid    Process
2192    7dd25d53bd9dc1074001988f56904f3e.exe
2192    7dd25d53bd9dc1074001988f56904f3e.exe