d4df5e51b7a1729dbd9fa520564b4eafedee207ab86ea413c4299694121a8f39

Analysis

max time kernel
135s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26/01/2024, 06:22

Target

769e7f882dda22d6fd557b24582ced6c.exe
Size

736KB
MD5

769e7f882dda22d6fd557b24582ced6c
SHA1

c5d8010418974aca024a8370749dedf23b71c440
SHA256

d4df5e51b7a1729dbd9fa520564b4eafedee207ab86ea413c4299694121a8f39
SHA512

3761eac42826ce20af8118a204788e80226dfb28638bf36a254225d2c87a4fbda3d2701b1e90ef3d3eec41edc9ca2eef596911c6e0432dd5cb0668f2db5adf52
SSDEEP

12288:QEPo2PK56xYAxYXfaVUkx/+kE4hMb0PLkKHPqo0xtZ1ZDvDvnE:1fPM6vL6kVXxhm8L5A31ZDLvnE

Score

7^/10

vmprotect

VMProtect packed file 3 IoCs

Detects executables packed with VMProtect commercial packer.

resource	yara_rule
behavioral2/memory/2132-0-0x0000000000400000-0x00000000005D1000-memory.dmp	vmprotect
behavioral2/memory/2132-1-0x0000000000400000-0x00000000005D1000-memory.dmp	vmprotect
behavioral2/memory/2132-42-0x0000000000400000-0x00000000005D1000-memory.dmp	vmprotect

Suspicious use of SetWindowsHookEx 3 IoCs

C:\Users\Admin\AppData\Local\Temp\769e7f882dda22d6fd557b24582ced6c.exe
"C:\Users\Admin\AppData\Local\Temp\769e7f882dda22d6fd557b24582ced6c.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:2132

memory/2132-0-0x0000000000400000-0x00000000005D1000-memory.dmp

Filesize
1.8MB

Download
memory/2132-1-0x0000000000400000-0x00000000005D1000-memory.dmp

Filesize
1.8MB

Download
memory/2132-42-0x0000000000400000-0x00000000005D1000-memory.dmp

Filesize
1.8MB

Download