Overview

overview

7

Static

static

f13954f655...d6.exe

windows7-x64

7

f13954f655...d6.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    f13954f655bcc1000197069dcd27b1ea59cf951909bf20d73e9a399f2f6b75d6

  • Size

    796KB

  • Sample

    221014-lt7knshhhp

  • MD5

    74dd608786af2baa84bc5bd1f4dc7844

  • SHA1

    ae159d3532e91ab7ea8dff50cad329178e066e98

  • SHA256

    f13954f655bcc1000197069dcd27b1ea59cf951909bf20d73e9a399f2f6b75d6

  • SHA512

    fb8a480c40cfde25d811b0eb38c28f8a9a1def5d1dfeb13a31f2cd39ea75b68b4d9b33249b0ad7b1964eb6fa88be1cd61d73d923d862dcae29ef089e3abe2db4

  • SSDEEP

    24576:wV/8hV53TP9/haZnUG7y7WC8CHRVGEDJO273h:wVeV95cZnX7WzXGEDJp7R

Score
7/10
evasionthemida

Malware Config

Targets

    • Target

      f13954f655bcc1000197069dcd27b1ea59cf951909bf20d73e9a399f2f6b75d6

    • Size

      796KB

    • MD5

      74dd608786af2baa84bc5bd1f4dc7844

    • SHA1

      ae159d3532e91ab7ea8dff50cad329178e066e98

    • SHA256

      f13954f655bcc1000197069dcd27b1ea59cf951909bf20d73e9a399f2f6b75d6

    • SHA512

      fb8a480c40cfde25d811b0eb38c28f8a9a1def5d1dfeb13a31f2cd39ea75b68b4d9b33249b0ad7b1964eb6fa88be1cd61d73d923d862dcae29ef089e3abe2db4

    • SSDEEP

      24576:wV/8hV53TP9/haZnUG7y7WC8CHRVGEDJO273h:wVeV95cZnX7WzXGEDJp7R

    Score
    7/10
    evasionthemida

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks