d0f3503a704d618cb378b5f070596447e184a58db1c868ff0d5c95d1afa63335

Analysis

max time kernel
150s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
25/06/2024, 02:41

Target

d0f3503a704d618cb378b5f070596447e184a58db1c868ff0d5c95d1afa63335.exe
Size

2.9MB
MD5

e943ab7da0b559954ab3dfee8adaedff
SHA1

0578c90af437b983a8123947fc07d028f4b0f99e
SHA256

d0f3503a704d618cb378b5f070596447e184a58db1c868ff0d5c95d1afa63335
SHA512

075b555c5d04d09c2682c1b795b1c8e67b1cfde70b345bd3bacb430ac9cb31d7ede3f65732efe32781b5e3aaf7d73575a1555d481a13e2a87e28598081b5a4d5
SSDEEP

24576:8T+lw8ji3IvTLdhBefqpealTS0Wl7dYiYgztA7TQiq2DG9vq0Jw4ih140GsNu1V6:8GhU4dhofmNf9qrbZ470dGXs926bB4

Score

9^/10

Detects executables packed with VMProtect. 4 IoCs

resource	yara_rule
behavioral2/memory/724-0-0x0000000000400000-0x00000000006DD000-memory.dmp	INDICATOR_EXE_Packed_VMProtect
behavioral2/memory/724-5-0x0000000000400000-0x000000000047F000-memory.dmp	INDICATOR_EXE_Packed_VMProtect
behavioral2/memory/724-4-0x0000000000400000-0x00000000006DD000-memory.dmp	INDICATOR_EXE_Packed_VMProtect
behavioral2/memory/724-2-0x0000000000400000-0x000000000047F000-memory.dmp	INDICATOR_EXE_Packed_VMProtect

C:\Users\Admin\AppData\Local\Temp\d0f3503a704d618cb378b5f070596447e184a58db1c868ff0d5c95d1afa63335.exe
"C:\Users\Admin\AppData\Local\Temp\d0f3503a704d618cb378b5f070596447e184a58db1c868ff0d5c95d1afa63335.exe"
1⤵
PID:724

memory/724-1-0x0000000000400000-0x00000000006DD000-memory.dmp

Filesize
2.9MB

Download
memory/724-0-0x0000000000400000-0x00000000006DD000-memory.dmp

Filesize
2.9MB

Download
memory/724-5-0x0000000000400000-0x000000000047F000-memory.dmp

Filesize
508KB

Download
memory/724-4-0x0000000000400000-0x00000000006DD000-memory.dmp

Filesize
2.9MB

Download
memory/724-2-0x0000000000400000-0x000000000047F000-memory.dmp

Filesize
508KB

Download