Analysis
-
max time kernel
143s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system -
submitted
01-02-2024 13:38
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
ObfuscatedBy_GoArmor.exe
Resource
win7-20231129-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
ObfuscatedBy_GoArmor.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
ObfuscatedBy_GoArmor.exe
-
Size
5.3MB
-
MD5
bb1e8c9b44176941ddf3c33188a967d2
-
SHA1
0b9b55a8a767e0d182be28f62296a96386c45d17
-
SHA256
8d065d06a730228c3aed55719f8f6849598cc0e38fe4bbc692a0a3c6ecab1ea0
-
SHA512
030f38477c24bb1b32b6ded9f76bdbf191c29b2f96b618757b70c2138b0f6a377173df3230d1c889c0a73f2f0b07e39d433990817a3537457b7e98c769217759
-
SSDEEP
49152:b+BFTFc8kdotEIOXQhwPPeaXx1q+K3HYVpgZ5Evoo23JstwdAbvynOsYfOC0obzr:CLFcFVdK34gPEwo23JJAPnIQx
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 2 IoCs
description pid Process procid_target PID 4548 wrote to memory of 5116 4548 ObfuscatedBy_GoArmor.exe 84 PID 4548 wrote to memory of 5116 4548 ObfuscatedBy_GoArmor.exe 84