cda68a52a6d2aa340e0dfdaea1f734c59a4884481109482b33d4e903b7113a5d

Analysis

max time kernel
149s
max time network
110s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
09/01/2024, 13:18

Target

4e67c4b9c8d2c20d16a8adce40e93943.exe
Size

267KB
MD5

4e67c4b9c8d2c20d16a8adce40e93943
SHA1

86ba48074c3724c4ea0ae5dfb464d59710ee8f54
SHA256

cda68a52a6d2aa340e0dfdaea1f734c59a4884481109482b33d4e903b7113a5d
SHA512

2e2a7af0f292d08370339760a359c92e513f54c293dcbbc9f1c87ed98450de4554c5f51fdbf1ca4c7a1798aa7a9a5f67644292a635751114bcb410edca20a8fd
SSDEEP

6144:TtDVBaps3A4biPw1mfbyqDtbREZJmyBL5zI:vwpSXU/5bRyA

Score

7^/10

vmprotect

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

resource	yara_rule
behavioral2/memory/3036-0-0x0000000000770000-0x00000000007E4000-memory.dmp	vmprotect

C:\Users\Admin\AppData\Local\Temp\4e67c4b9c8d2c20d16a8adce40e93943.exe
"C:\Users\Admin\AppData\Local\Temp\4e67c4b9c8d2c20d16a8adce40e93943.exe"
1⤵
PID:3036

memory/3036-1-0x00000000743D0000-0x0000000074B80000-memory.dmp

Filesize
7.7MB

Download
memory/3036-0-0x0000000000770000-0x00000000007E4000-memory.dmp

Filesize
464KB

Download
memory/3036-4-0x0000000004C30000-0x0000000004C31000-memory.dmp

Filesize
4KB

Download
memory/3036-3-0x0000000004C30000-0x0000000004C31000-memory.dmp

Filesize
4KB

Download
memory/3036-2-0x0000000007470000-0x0000000007480000-memory.dmp

Filesize
64KB

Download
memory/3036-6-0x0000000007F70000-0x0000000008514000-memory.dmp

Filesize
5.6MB

Download
memory/3036-7-0x0000000007BE0000-0x0000000007C72000-memory.dmp

Filesize
584KB

Download
memory/3036-9-0x0000000007470000-0x0000000007480000-memory.dmp

Filesize
64KB

Download
memory/3036-8-0x00000000743D0000-0x0000000074B80000-memory.dmp

Filesize
7.7MB

Download
memory/3036-10-0x0000000004C30000-0x0000000004C31000-memory.dmp

Filesize
4KB

Download