Analysis
-
max time kernel
28s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
26/05/2024, 06:04
Behavioral task
behavioral1
Sample
VapeSS.exe
Resource
win7-20240221-en
General
-
Target
VapeSS.exe
-
Size
12.9MB
-
MD5
52e4f04a36e1b177d50c459828a6187a
-
SHA1
6f3cbb760d9b659046136d7af75422825f713b13
-
SHA256
3c42994eb5810135749696ba46388a888b4ba35232b281a1528cc98cdfabc8c8
-
SHA512
1cd617265e5b9338bc02da96d208d79518df168e3b5ee6c57ba64cd5a2a85516e48dc0a0e99de503f45f0a8b121da6daffac45561aedca42b27254ced18f30c8
-
SSDEEP
196608:72qT4FMIZETSRjPePdrQJOKbABd1Wm8bMg4iGYPo1BWXOe0y5dHMlO:K8QETSRvJju1Wm8dGJ1AXFZdp
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
pid Process 2420 VapeSS.exe -
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 2492 wrote to memory of 2420 2492 VapeSS.exe 28 PID 2492 wrote to memory of 2420 2492 VapeSS.exe 28 PID 2492 wrote to memory of 2420 2492 VapeSS.exe 28
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
5.5MB
MD55a5dd7cad8028097842b0afef45bfbcf
SHA1e247a2e460687c607253949c52ae2801ff35dc4a
SHA256a811c7516f531f1515d10743ae78004dd627eba0dc2d3bc0d2e033b2722043ce
SHA512e6268e4fad2ce3ef16b68298a57498e16f0262bf3531539ad013a66f72df471569f94c6fcc48154b7c3049a3ad15cbfcbb6345dacb4f4ed7d528c74d589c9858