Overview

overview

7

Static

static

7

aa3a882bfe...2a.exe

windows7-x64

7

aa3a882bfe...2a.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    25-06-2024 20:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    aa3a882bfe2683cb68950da9d2821305648c8788050a1b3658babd58a9c0f02a.exe

  • Size

    2.9MB

  • MD5

    cf136abe87d58b66e93a1fe841bcfc52

  • SHA1

    08ff27c8d24ddb63f91b328fc121ac6945aa045f

  • SHA256

    aa3a882bfe2683cb68950da9d2821305648c8788050a1b3658babd58a9c0f02a

  • SHA512

    cc84e8f07279b53024e6a75ced023906ac0b3b562a3210f59e3327761a6dedf9db20c808e14015916a0f496fe25a07399bc65842da1e0647ec93b5a087c6cc31

  • SSDEEP

    49152:3E4xzCu5Ei++9CC5RIfiJLZ1zxDAJm49evCI3QAovTdYEYIFxbARZQGnok8uG2J4:UMgasuiaJLX2mQevCSQAkTdEIFq/QInG

Score
7/10
vmprotect

Malware Config

Signatures

  • VMProtect packed file 3 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\aa3a882bfe2683cb68950da9d2821305648c8788050a1b3658babd58a9c0f02a.exe
    "C:\Users\Admin\AppData\Local\Temp\aa3a882bfe2683cb68950da9d2821305648c8788050a1b3658babd58a9c0f02a.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\sweetsConfig.ini
    Filesize

    131B

    MD5

    0b6bf354cd8cf784bbeb6aa3de4a6b2e

    SHA1

    356ac4a93ffa6b675a80d9c372cc932eb375106f

    SHA256

    837bdc7e11bc340b33a932b9dcf0c94b1c2441ed3262c7b207f045af85830cac

    SHA512

    87f71a9a8ef7e30122d4f0ce0ad4e0bdec6c5cdec3ca5ccbe732d69e86e3f3a9e816b1c9388d1f0175a80962df100d442d079cc4249b625794b9a0a109467799

    Download Submit

  • memory/2028-0-0x0000000000400000-0x0000000000D17000-memory.dmp

    Filesize

    9.1MB

    Download

  • memory/2028-1-0x0000000077750000-0x0000000077751000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2028-7-0x00000000750D0000-0x00000000750D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2028-9-0x0000000000400000-0x0000000000D17000-memory.dmp

    Filesize

    9.1MB

    Download

  • memory/2028-3-0x0000000077750000-0x0000000077751000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2028-11-0x00000000750D0000-0x00000000750D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2028-21-0x0000000077750000-0x0000000077751000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2028-30-0x0000000000400000-0x0000000000D17000-memory.dmp

    Filesize

    9.1MB

    Download