Analysis
max time kernel: 113s
max time network: 116s
platform: windows10-2004_x64
resource: win10v2004-20220812-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
submitted: 11/10/2022, 05:41
Behavioral task: behavioral1
Sample: ccd2d553756500706427b4847803c618b8673aa21267057117dab60796fac8af.exe
Resource: win7-20220812-en
11 signatures
150 seconds
General
Target: ccd2d553756500706427b4847803c618b8673aa21267057117dab60796fac8af.exe
Size: 873KB
MD5: 75829f633e07a0321d13248a1b6d44b0
SHA1: 39755b13b7377dafa84418233d80a705da282802
SHA256: ccd2d553756500706427b4847803c618b8673aa21267057117dab60796fac8af
SHA512: a31380f9eb6a319ca08d24bbf8a8b80c17d45380dd5b4431e1bf38d8e320b864d7a7a318332a4b5e8e74a650c27ca2c1c73145ce9e1b7d719fe916676cedb220
SSDEEP: 24576:JhQ2DLmDkJY80lSM1D5NcnpFZRvHQ9HJDNC:JhxDaQJ70lS2kNRo5b
Malware Config
Signatures
Identifies Wine through registry keys (2 TTPs, 1 IoC)
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
description: Key opened
ioc: \REGISTRY\USER\S-1-5-21-2629973501-4017243118-3254762364-1000\Software\Wine
Process: ccd2d553756500706427b4847803c618b8673aa21267057117dab60796fac8af.exe
resource: behavioral2/memory/1496-132-0x0000000013140000-0x0000000013339000-memory.dmp
yara_rule: themida
resource: behavioral2/memory/1496-133-0x0000000013140000-0x0000000013339000-memory.dmp
yara_rule: themida