24fc45cd69a6d9eb5b54477d9d1ebbce4e72c3db6bb35c8d0d17034f330c5467

Submit
Reports

Overview

overview

Static

static

exam-testi...er.zip

windows7-x64

exam-testi...er.zip

windows10-2004-x64

exam-testi...er.exe

windows7-x64

exam-testi...er.exe

windows10-2004-x64

exam-testi...er.exe

windows7-x64

exam-testi...er.exe

windows10-2004-x64

exam-testi...LP.hlp

windows7-x64

exam-testi...LP.hlp

windows10-2004-x64

exam-testi...lp.chm

windows7-x64

exam-testi...lp.chm

windows10-2004-x64

exam-testi...pt.dll

windows7-x64

exam-testi...pt.dll

windows10-2004-x64

exam-testi...32.dll

windows7-x64

exam-testi...32.dll

windows10-2004-x64

exam-testi...se.txt

windows7-x64

exam-testi...se.txt

windows10-2004-x64

exam-testi...er.exe

windows7-x64

exam-testi...er.exe

windows10-2004-x64

exam-testi...le.ete

windows7-x64

exam-testi...le.ete

windows10-2004-x64

exam-testi...le.rtf

windows7-x64

exam-testi...le.rtf

windows10-2004-x64

exam-testi...le.txt

windows7-x64

exam-testi...le.txt

windows10-2004-x64

exam-testi...e3.dll

windows7-x64

exam-testi...e3.dll

windows10-2004-x64

exam-testi...32.dll

windows7-x64

exam-testi...32.dll

windows10-2004-x64

exam-testi...00.dat

windows7-x64

exam-testi...00.dat

windows10-2004-x64

exam-testi...00.exe

windows7-x64

exam-testi...00.exe

windows10-2004-x64

Analysis

max time kernel
149s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
28/05/2024, 14:55

Sharing

Copy URL

Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

exam-testing-engine-vumingo-master.zip

Resource

win7-20240221-en

windows7-x64

0 signatures

300 seconds

Behavioral task

behavioral2

Sample

exam-testing-engine-vumingo-master.zip

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

300 seconds

Behavioral task

behavioral3

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/applauncher.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

300 seconds

Behavioral task

behavioral4

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/applauncher.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

300 seconds

Behavioral task

behavioral5

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/designer.exe

Resource

win7-20240419-en

windows7-x64

6 signatures

300 seconds

Behavioral task

behavioral6

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/designer.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

6 signatures

300 seconds

Behavioral task

behavioral7

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/help/ETESHELP.hlp

Resource

win7-20240221-en

windows7-x64

4 signatures

300 seconds

Behavioral task

behavioral8

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/help/ETESHELP.hlp

Resource

win10v2004-20240226-en

windows10-2004-x64

3 signatures

300 seconds

Behavioral task

behavioral9

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/help/ETESHelp.chm

Resource

win7-20240220-en

windows7-x64

2 signatures

300 seconds

Behavioral task

behavioral10

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/help/ETESHelp.chm

Resource

win10v2004-20240426-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral11

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/libcrypt.dll

Resource

win7-20231129-en

windows7-x64

1 signatures

300 seconds

Behavioral task

behavioral12

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/libcrypt.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral13

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/libeay32.dll

Resource

win7-20240508-en

windows7-x64

1 signatures

300 seconds

Behavioral task

behavioral14

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/libeay32.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral15

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/license.txt

Resource

win7-20240221-en

windows7-x64

0 signatures

300 seconds

Behavioral task

behavioral16

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/license.txt

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

300 seconds

Behavioral task

behavioral17

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/player.exe

Resource

win7-20240221-en

windows7-x64

1 signatures

300 seconds

Behavioral task

behavioral18

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/player.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

300 seconds

Behavioral task

behavioral19

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/samples/Exam Sample.ete

Resource

win7-20240419-en

windows7-x64

6 signatures

300 seconds

Behavioral task

behavioral20

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/samples/Exam Sample.ete

Resource

win10v2004-20240508-en

windows10-2004-x64

3 signatures

300 seconds

Behavioral task

behavioral21

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/samples/import_sample.rtf

Resource

win7-20240221-en

windows7-x64

7 signatures

300 seconds

Behavioral task

behavioral22

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/samples/import_sample.rtf

Resource

win10v2004-20240226-en

windows10-2004-x64

4 signatures

300 seconds

Behavioral task

behavioral23

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/samples/import_sample.txt

Resource

win7-20231129-en

windows7-x64

0 signatures

300 seconds

Behavioral task

behavioral24

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/samples/import_sample.txt

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

300 seconds

Behavioral task

behavioral25

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/sqlite3.dll

Resource

win7-20240215-en

windows7-x64

2 signatures

300 seconds

Behavioral task

behavioral26

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/sqlite3.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

300 seconds

Behavioral task

behavioral27

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/ssleay32.dll

Resource

win7-20240220-en

windows7-x64

1 signatures

300 seconds

Behavioral task

behavioral28

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/ssleay32.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

1 signatures

300 seconds

Behavioral task

behavioral29

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/uninstall/unins000.dat

Resource

win7-20240221-en

windows7-x64

5 signatures

300 seconds

Behavioral task

behavioral30

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/uninstall/unins000.dat

Resource

win10v2004-20240508-en

windows10-2004-x64

3 signatures

300 seconds

Behavioral task

behavioral31

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/uninstall/unins000.exe

Resource

win7-20240419-en

windows7-x64

3 signatures

300 seconds

Behavioral task

behavioral32

Sample

exam-testing-engine-vumingo-master/Exam Testing Engine/uninstall/unins000.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

2 signatures

300 seconds

Report Analysis Logs

General

Target

exam-testing-engine-vumingo-master/Exam Testing Engine/libcrypt.dll
Size

845KB
MD5

b202b28543316b97db7da231252c5cf2
SHA1

f8917829c7b70f0a94a4f64346eb9c40dd3d0bf0
SHA256

c2de2b293d1effc7e70f37ff5fd326574387d0976c31dab632f93bcabfaa12b9
SHA512

c6471a11593eaa8256e914b23528f28dfa7d3fbef2d3bcea883134976f803e1fcd97b1fbdcb175c271540d32a81b9e1f32f35fdb77c379c1eacd9538455304b6
SSDEEP

24576:4D5GRW0hxtbkfbm9I+KpPHcpLRnlzz5vJ:C0HFkaekFxp1B

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1592 wrote to memory of 3108	1592	rundll32.exe	85
PID 1592 wrote to memory of 3108	1592	rundll32.exe	85
PID 1592 wrote to memory of 3108	1592	rundll32.exe	85

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\exam-testing-engine-vumingo-master\Exam Testing Engine\libcrypt.dll",#1
1⤵
- Suspicious use of WriteProcessMemory
PID:1592
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe "C:\Users\Admin\AppData\Local\Temp\exam-testing-engine-vumingo-master\Exam Testing Engine\libcrypt.dll",#1
  2⤵
  PID:3108

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads