0bda2c2edc4b45027af223e35abf9b0226af1ee577196bb20e803266302ce0b8 | Triage

Submit
Reports

Overview

overview

8

Static

static

7

0bda2c2edc...b8.exe

windows7-x64

8

0bda2c2edc...b8.exe

windows10-2004-x64

1

Sharing

General

Target

0bda2c2edc4b45027af223e35abf9b0226af1ee577196bb20e803266302ce0b8
Size

1.2MB
Sample

221029-zm82tafcbq
MD5

8400577beebc35cc12b021dc672f30ac
SHA1

8c152114a5d5c2e2fc5321ed570a5e4636afa2a5
SHA256

0bda2c2edc4b45027af223e35abf9b0226af1ee577196bb20e803266302ce0b8
SHA512

8db2c8eab06ba776ff6662cc9af5c2a05c899922833be33e728c3d2003afef3d31b05389e879575aac92e5467e4f43f48a50530472421a210040fdbe459b0bfd
SSDEEP

24576:tkrA2HckVsIb635JBxc2Tk/rPp5yCWU9b32D7/CDGBZw:tOEIGJZHkjPyClbELCDGY

Score

8^/10

persistence themida

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0bda2c2edc4b45027af223e35abf9b0226af1ee577196bb20e803266302ce0b8.exe

Resource

win7-20220812-en

persistence themida

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

0bda2c2edc4b45027af223e35abf9b0226af1ee577196bb20e803266302ce0b8.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  0bda2c2edc4b45027af223e35abf9b0226af1ee577196bb20e803266302ce0b8
- Size
  
  1.2MB
- MD5
  
  8400577beebc35cc12b021dc672f30ac
- SHA1
  
  8c152114a5d5c2e2fc5321ed570a5e4636afa2a5
- SHA256
  
  0bda2c2edc4b45027af223e35abf9b0226af1ee577196bb20e803266302ce0b8
- SHA512
  
  8db2c8eab06ba776ff6662cc9af5c2a05c899922833be33e728c3d2003afef3d31b05389e879575aac92e5467e4f43f48a50530472421a210040fdbe459b0bfd
- SSDEEP
  
  24576:tkrA2HckVsIb635JBxc2Tk/rPp5yCWU9b32D7/CDGBZw:tOEIGJZHkjPyClbELCDGY
Score

8^/10

persistence themida
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Deletes itself
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencethemida

behavioral2

© 2018-2024

Terms | Privacy