6503144517435392[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

6503144517435392.zip
Size

10.1MB
MD5

e90c800f2489917906e3ca934687e2fd
SHA1

49cc1676e1471600c447637a4f31d83035293672
SHA256

6eeefc25fe1d24d3f46b554a31aea357a4cd04635db5c32dfddf28b5446c09d3
SHA512

fcb6cc91bdb19a6fe0dc389cabafe3ae68eb84cb9b1fda35ccf42b5a3cbca832fac7bfb63cb33e9f1e6b81ab121289698842b22a6e7b76b62e0c2605a207739f

Score

8^/10

vmprotect themida upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
static1/unpack001/ccfd3a7694cef5981b4f11478aa18d47e34cd2949fdfbcd9a0183ad0caba9a6f	upx

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

Processes:

resource	yara_rule
static1/unpack001/4f4a33f70099855f5f503716515f388da3a5daa1e2fac59ec6c881e89ef7d072	vmprotect

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

Processes:

resource	yara_rule
static1/unpack001/62b28222159f1b1abe80bec49c89444448c41623a93895afafb7563fe82ffdd3	themida

Files

6503144517435392.zip
.zip

Password: infected
1814a6a6749684cdacd792374e0ba31b7be4ff6f9675f3fd15d543afbb540367
.exe windows x64
2ca4f97e15c6ddaa3276fbc56e716249dde1d2607f3b745933fedd9df3879751
.exe windows x86
3db6e8df73f12b6a9fa9adb6ad87b017d530a9d736909338042735ed00a9463b
.dll windows x86 regsvr32

Exports

Exports

DllInstall
DllRegisterServer
EntryPoint
3e2ce6fd7b53224df92581b800ce9a6605eae878d4165df9ae8f73a488be3fa5
.exe windows x86
463b34821a8eb219ff5980787d95bc2cfdd2d7f82720163394973814cd5dfe40
.exe windows x64
4f4a33f70099855f5f503716515f388da3a5daa1e2fac59ec6c881e89ef7d072
.exe windows x86
53b1c1b2f41a7fc300e97d036e57539453ff82001dd3f6abf07f4896b1f9ca22
.exe windows x86
62b28222159f1b1abe80bec49c89444448c41623a93895afafb7563fe82ffdd3
.exe windows x86
6bc6f60b873ea406022459edcd2df278cb2ec7bb4d994ebd4fc02af3a57ec6bc
.dll windows x86 regsvr32

Exports

Exports

DllInstall
DllRegisterServer
EntryPoint
6f7043b24d9b4c30006781402f0cef2543c8f3e9087d79f6bcff43b1418ad21d
.dll windows x86 regsvr32

Exports

Exports

DllInstall
DllRegisterServer
EntryPoint
706a8a4fc4b9f8b15c6bf1ee0fe732eaa5e069615ea126b931166672a8a5b51c
.exe windows x86
7236c8098c55ea1d144f4d6646e8cab8c7fdbde1d127d409b0d6a4ff1029628e
.exe windows x86
74ebfcd116fdd39217935d11ae62e48a0c44dfab822edea62ac7f611aca969dd
.dll windows x86 regsvr32

Exports

Exports

DllInstall
DllRegisterServer
EntryPoint
7fbeac1dca907f4c04fec45a1228c9277f03930355eeac30d101bbce7e2733de
.exe windows x86
87e6f7b20ea2bd35d947d9100fe6291dfe186cfedea5d451be14bab5d2518e89
.exe windows x86
918127c59ea7d9c0095a0add9bc93739a393d9fd64132446e7997952db07f93d
.exe windows x86
97469cb72db2b734861a1a7d27b2f90275b304ea87e5664cdfd75f2f4591922c
.exe windows x86
9b10f53b6f73280f07efc10aae6d2d9a3bd9914add2d22ed95a89938e841726d
.exe windows x86
9e86f9060857e46f9f0f3b361110d85737330ef3dac78b9ba8f39b857f854c7d
.exe windows x86
a79dcac3753c055d7b46b5ffa27b1b4bb55516180966f20a2878698b81638137
.dll windows x64 regsvr32

Exports

Exports

DllInstall
DllRegisterServer
EntryPoint
aacd1be17ca3aaca13d0c9f0366bcb28bdccd621cbde2f38b4a33321cba8a7df
.zip
Trojan-Ransom.Win32.Conti.4bfd58d4e4a6fe5e91b408bc190a24d352124902085f9c2da948ad7d79b72618
.exe windows x86
bb89a86c0efde745fa557036ff54500cb62130972446b89584c1d98062b4962b
.exe windows x86
be277aea966fd23c28bf2fcbe04959f19fd008dfac3dd0508f747f177f6bed70
.exe windows x86
ccfd3a7694cef5981b4f11478aa18d47e34cd2949fdfbcd9a0183ad0caba9a6f
.exe windows x86
d338295d50d5b39d8377c593f6d46feb512823e2724704448cc885b40c5056e0
.exe windows x86
ee8a90ef7dd9c51deef64cd7ac4b737b3c871b1605f4a5bfb11cba9f850be014
.exe windows x86
fe6e84192da5c0210d4bd51e809792b28e60edb337917f903a7e9a31bc40cf86
.exe windows x86

Sharing

General

Malware Config

Signatures

Files

Password: infected

Exports

Exports

Exports

Exports

Exports

Exports

Exports

Exports

Exports

Exports