Overview

overview

7

Static

static

7

WallHack P...11.dll

windows7-x64

1

WallHack P...11.dll

windows10-2004-x64

1

WallHack P...rX.exe

windows7-x64

7

WallHack P...rX.exe

windows10-2004-x64

7

msvcp100.dll

windows7-x64

3

msvcp100.dll

windows10-2004-x64

3

msvcp100d.dll

windows7-x64

1

msvcp100d.dll

windows10-2004-x64

1

msvcr100.dll

windows7-x64

3

msvcr100.dll

windows10-2004-x64

3

WallHack P...00.dll

windows7-x64

3

WallHack P...00.dll

windows10-2004-x64

3

WallHack P...0d.dll

windows7-x64

1

WallHack P...0d.dll

windows10-2004-x64

1

WallHack P...00.dll

windows7-x64

3

WallHack P...00.dll

windows10-2004-x64

3

WallHack P...x9.dll

windows7-x64

3

WallHack P...x9.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    147s
  • max time network
    168s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-03-2024 02:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    WallHack PB Windows 7 28.10.2011/PerX.exe

  • Size

    298KB

  • MD5

    045a1bd611d3a3347945307e785cae9a

  • SHA1

    505248f1d003b828f28211175fd6f91d9822c70c

  • SHA256

    aaafc970e116fc78017319970bd4bb2522a6754e99ac7e696c7fc6dc94d49b39

  • SHA512

    2955c22b88b8b07fc6d992dfb6eddae5b3ba97bc0c623152669081e170cb2b781925247a29d4028ef6f425322122403d67b86b3354c8d82fb123dcd73e3279d7

  • SSDEEP

    6144:EYPOodm30xwcP9n2U82xZkckexoS8pm97WQPhFzo0naGr:zdm3xc4L24cVoS8c97WyXPaGr

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\WallHack PB Windows 7 28.10.2011\PerX.exe
    "C:\Users\Admin\AppData\Local\Temp\WallHack PB Windows 7 28.10.2011\PerX.exe"
    1⤵
      PID:3612
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3612 -s 476
        2⤵
        • Program crash
        PID:2536
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 3612 -ip 3612
      1⤵
        PID:4972

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/3612-0-0x0000000000400000-0x00000000004BD000-memory.dmp

        Filesize

        756KB

        Download

      • memory/3612-1-0x0000000000400000-0x00000000004BD000-memory.dmp

        Filesize

        756KB

        Download