Overview

overview

7

Static

static

7

70a1aa5704...cb.exe

windows7-x64

7

70a1aa5704...cb.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    42s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    02/11/2022, 13:09

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    70a1aa57047f844284ddb6a4fc464b54c4bfaa2dd8d4aced800b197ffcee27cb.exe

  • Size

    6.4MB

  • MD5

    6464862099875b98f18d1cae5b9a7d23

  • SHA1

    771cf91776804ea16b643aa60a3695ed6196d621

  • SHA256

    70a1aa57047f844284ddb6a4fc464b54c4bfaa2dd8d4aced800b197ffcee27cb

  • SHA512

    e75065f13e1025a25d43afde3319bfa37e9c0af79210ffc8ab219b9291c1d775308453d722f4fa2a4798383f00af7c58ad606f9126a552e5f2e5a18d2fb78987

  • SSDEEP

    98304:mLpqgyDcTF3xyUY8I+l3QljoW2UC0NJ011L9+eMxk11fupo7Qc14WSvs:E1bYoAljq0NJ0Eeek7upSBIk

Score
7/10
themida

Malware Config

Signatures

  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

    themida
  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\70a1aa57047f844284ddb6a4fc464b54c4bfaa2dd8d4aced800b197ffcee27cb.exe
    "C:\Users\Admin\AppData\Local\Temp\70a1aa57047f844284ddb6a4fc464b54c4bfaa2dd8d4aced800b197ffcee27cb.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    PID:1500

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1500-54-0x000007FEFBF71000-0x000007FEFBF73000-memory.dmp

          Filesize

          8KB

          Download

        • memory/1500-55-0x000000013F820000-0x00000001408B2000-memory.dmp

          Filesize

          16.6MB

          Download