76d441210eead01ad6fbe0fb4af433166bc35ae5df5a92421c8806fd0ed43e21 | Triage

Sharing

General

Target

76d441210eead01ad6fbe0fb4af433166bc35ae5df5a92421c8806fd0ed43e21
Size

709KB
Sample

220625-fnsxfafben
MD5

3a447ca68e3ffd34434c01dd6e9ee962
SHA1

55e105afa0b48615ea4362945006c9bd79733125
SHA256

76d441210eead01ad6fbe0fb4af433166bc35ae5df5a92421c8806fd0ed43e21
SHA512

31c9cc9fdd958876e654a78afb6400b725fd9712c01e4f9122526c9c442b16078818c7e48fac761d97cc7f10edcf3abd3fd0f7871cb196dd105bf06df6e70305

Score

7^/10

evasion themida

Malware Config

Targets

- Target
  
  76d441210eead01ad6fbe0fb4af433166bc35ae5df5a92421c8806fd0ed43e21
- Size
  
  709KB
- MD5
  
  3a447ca68e3ffd34434c01dd6e9ee962
- SHA1
  
  55e105afa0b48615ea4362945006c9bd79733125
- SHA256
  
  76d441210eead01ad6fbe0fb4af433166bc35ae5df5a92421c8806fd0ed43e21
- SHA512
  
  31c9cc9fdd958876e654a78afb6400b725fd9712c01e4f9122526c9c442b16078818c7e48fac761d97cc7f10edcf3abd3fd0f7871cb196dd105bf06df6e70305
Score

7^/10

evasion themida
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2