20389c7d417ec512e18bb246a693ce37e041390b6cf1cdd5dca0728b709f910d | Triage

Analysis

max time kernel
94s
max time network
133s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
20-11-2024 10:14

Sharing

Report Analysis Logs

General

Target

$R0/NsGpuCNMiner.exe
Size

1.5MB
MD5

35d2c42b6ee0acbce9dfe8cc418fe5d8
SHA1

66b965d1ee4013c80f7e0e27725e43f3d316325a
SHA256

7a2a860bb344526e8546acd172522b4d276a4647f43dd4720281d40e390b283e
SHA512

00d89a686995d7b2415f6de5786a175232606cb962744149129ed329fcbf0d4ee076e9bc1125adcaa58571ade5f22372b0bef2d2af78dd12378654e6e23b5ebf
SSDEEP

49152:FG/58i4P5hIFmiMhgmo+e5i2vkCzqYQjUs:wvw5mmed+e5hsCL+

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

Processes:

resource	yara_rule
behavioral12/memory/484-0-0x00007FF693740000-0x00007FF693AFC000-memory.dmp	vmprotect

C:\Users\Admin\AppData\Local\Temp\$R0\NsGpuCNMiner.exe
"C:\Users\Admin\AppData\Local\Temp\$R0\NsGpuCNMiner.exe"
1⤵
PID:484

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/484-0-0x00007FF693740000-0x00007FF693AFC000-memory.dmp

Filesize
3.7MB

Download