Overview

overview

8

Static

static

8

f38dd5dc3f...3b.exe

windows7-x64

8

f38dd5dc3f...3b.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    f38dd5dc3f8589bc824e93993008aadaf7336dece1a39fad862efe63a45f403b

  • Size

    1.1MB

  • Sample

    221203-yrr4esba83

  • MD5

    9241dccdbc643b83b848aaa3b7bf1edd

  • SHA1

    2edf946d172d2305fdd270be21f3c769a2b74b56

  • SHA256

    f38dd5dc3f8589bc824e93993008aadaf7336dece1a39fad862efe63a45f403b

  • SHA512

    d7d1120da38a679c7f80fc084739f0378aa4046265befb13280dd1b456957d0b9282ed13effe482bce7af762440d83a9b68dd3bb6c9935ed98d4f6794f8c9750

  • SSDEEP

    24576:lI4D+SK9c8wA2ChKnPxTl3Zqv9GWCUJIVJj5M:lIbWRYetl8VrI/j5M

Score
8/10
themidaupx

Malware Config

Targets

    • Target

      f38dd5dc3f8589bc824e93993008aadaf7336dece1a39fad862efe63a45f403b

    • Size

      1.1MB

    • MD5

      9241dccdbc643b83b848aaa3b7bf1edd

    • SHA1

      2edf946d172d2305fdd270be21f3c769a2b74b56

    • SHA256

      f38dd5dc3f8589bc824e93993008aadaf7336dece1a39fad862efe63a45f403b

    • SHA512

      d7d1120da38a679c7f80fc084739f0378aa4046265befb13280dd1b456957d0b9282ed13effe482bce7af762440d83a9b68dd3bb6c9935ed98d4f6794f8c9750

    • SSDEEP

      24576:lI4D+SK9c8wA2ChKnPxTl3Zqv9GWCUJIVJj5M:lIbWRYetl8VrI/j5M

    Score
    8/10
    themidaupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks