aa166a247a612ab74a6cadfd95800da0e4b2257d5442fd4e8558ceb05f907f2f | Triage

Sharing

General

Target

aa166a247a612ab74a6cadfd95800da0e4b2257d5442fd4e8558ceb05f907f2f
Size

567KB
Sample

220626-dymr3ahbc9
MD5

362b306967fa08fa204e968613c48b54
SHA1

1cf8efddf5f9fc1d31084118e1d83deadee06f02
SHA256

aa166a247a612ab74a6cadfd95800da0e4b2257d5442fd4e8558ceb05f907f2f
SHA512

aeb8a09416fd1c639bffa5ee040ea67bccb5bcd40e79bc4edba9c38cb89789d0775c82a111c2c5de5a87b71783bc76aa243619a8405b42f50874f5ba76b05476

Score

7^/10

evasion themida

Malware Config

Targets

- Target
  
  aa166a247a612ab74a6cadfd95800da0e4b2257d5442fd4e8558ceb05f907f2f
- Size
  
  567KB
- MD5
  
  362b306967fa08fa204e968613c48b54
- SHA1
  
  1cf8efddf5f9fc1d31084118e1d83deadee06f02
- SHA256
  
  aa166a247a612ab74a6cadfd95800da0e4b2257d5442fd4e8558ceb05f907f2f
- SHA512
  
  aeb8a09416fd1c639bffa5ee040ea67bccb5bcd40e79bc4edba9c38cb89789d0775c82a111c2c5de5a87b71783bc76aa243619a8405b42f50874f5ba76b05476
Score

7^/10

evasion themida
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2