Malware Analysis Report

2025-05-06 00:40

Sample ID 241109-1ew8qavrdl
Target VMware-workstation-full-17.6.1-24319023.exe
SHA256 f95429e395a583eb5ba91f09b040e2f8c53a5e7aa37c4c6bfcaf82115a8d3fa4
Tags
discovery
score
3/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
3/10

SHA256

f95429e395a583eb5ba91f09b040e2f8c53a5e7aa37c4c6bfcaf82115a8d3fa4

Threat Level: Likely benign

The file VMware-workstation-full-17.6.1-24319023.exe was found to be: Likely benign.

Malicious Activity Summary

discovery

System Location Discovery: System Language Discovery

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-09 21:35

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-09 21:34

Reported

2024-11-09 21:36

Platform

win11-20241007-en

Max time kernel

6s

Command Line

"C:\Users\Admin\AppData\Local\Temp\VMware-workstation-full-17.6.1-24319023.exe"

Signatures

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\VMware-workstation-full-17.6.1-24319023.exe N/A

Processes

C:\Users\Admin\AppData\Local\Temp\VMware-workstation-full-17.6.1-24319023.exe

"C:\Users\Admin\AppData\Local\Temp\VMware-workstation-full-17.6.1-24319023.exe"

Network

N/A

Files

N/A