Overview

overview

10

Static

static

7

7d3433a5b3...21.exe

windows7-x64

10

7d3433a5b3...21.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    103s
  • max time network
    109s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28-10-2022 17:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7d3433a5b3894c40122e42abab826e9259020a7595940c768a499220b7756d21.exe

  • Size

    1.7MB

  • MD5

    0e4bcdc9c7eec942f5953b993fc7b2c5

  • SHA1

    b6ba31303dca81110508827f1ded27d582ed3c25

  • SHA256

    7d3433a5b3894c40122e42abab826e9259020a7595940c768a499220b7756d21

  • SHA512

    f242f8c13575e5b6f922a3a2b3decd61d825215aeeaccec144bda79874175497b5dc84cf2b946e6ff460f888cf92c6cda0e942c3a2d726fec31591bdb7b610e4

  • SSDEEP

    49152:vHJBDwVp9IZZWww1GcdK1jq9m0WW3NLr9Xvv:vHX0VwZZNw1GZyLX3NFXv

Score
7/10
evasionthemida

Malware Config

Signatures

  • Identifies Wine through registry keys 2 TTPs 1 IoCs

    Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

    evasion
  • Themida packer 2 IoCs

    Detects Themida, an advanced Windows software protection system.

    themida

Processes

  • C:\Users\Admin\AppData\Local\Temp\7d3433a5b3894c40122e42abab826e9259020a7595940c768a499220b7756d21.exe
    "C:\Users\Admin\AppData\Local\Temp\7d3433a5b3894c40122e42abab826e9259020a7595940c768a499220b7756d21.exe"
    1⤵
    • Identifies Wine through registry keys
    PID:1612

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1612-132-0x0000000000400000-0x000000000085C000-memory.dmp

    Filesize

    4.4MB

    Download

  • memory/1612-133-0x0000000000400000-0x000000000085C000-memory.dmp

    Filesize

    4.4MB

    Download