Overview

overview

7

Static

static

7

b7dfbb2625...7e.exe

windows7_x64

7

b7dfbb2625...7e.exe

windows10-2004_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b7dfbb262541c2fadae34f13363f3d42329aabb380ae9d16021954569c4cb77e

  • Size

    2.1MB

  • Sample

    220620-jhwmxsafhk

  • MD5

    323a8aba0c38d245a7b05448c8d8ec43

  • SHA1

    8246f104551fbd8cda34b3e05c4445d358ee3b48

  • SHA256

    b7dfbb262541c2fadae34f13363f3d42329aabb380ae9d16021954569c4cb77e

  • SHA512

    e882c9200446a4d6ed60bc96bc512daadcb2c80e6b819061e91f0b4ef1b529e5a6e393d34715b57ffb59dd014b6de359c6b68ca32add7ae4b9de440c69ec01f6

Score
7/10
evasionthemida

Malware Config

Targets

    • Target

      b7dfbb262541c2fadae34f13363f3d42329aabb380ae9d16021954569c4cb77e

    • Size

      2.1MB

    • MD5

      323a8aba0c38d245a7b05448c8d8ec43

    • SHA1

      8246f104551fbd8cda34b3e05c4445d358ee3b48

    • SHA256

      b7dfbb262541c2fadae34f13363f3d42329aabb380ae9d16021954569c4cb77e

    • SHA512

      e882c9200446a4d6ed60bc96bc512daadcb2c80e6b819061e91f0b4ef1b529e5a6e393d34715b57ffb59dd014b6de359c6b68ca32add7ae4b9de440c69ec01f6

    Score
    7/10
    evasionthemida

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

1
T1497

Credential Access

Discovery

Query Registry

1
T1012

Virtualization/Sandbox Evasion

1
T1497

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks