Overview

overview

7

Static

static

7

f1313a2109...d9.exe

windows7-x64

7

f1313a2109...d9.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f1313a21099ba717c7fe2da8710fd79fd2cd1ea727bbda4477545883fa538dd9

  • Size

    796KB

  • Sample

    221204-n27azsbb8s

  • MD5

    93430a59fddcce9ee3662dcaadbb860a

  • SHA1

    d03f6d6d7400b79f6783f7a90a0518673e0d546b

  • SHA256

    f1313a21099ba717c7fe2da8710fd79fd2cd1ea727bbda4477545883fa538dd9

  • SHA512

    20200809e65cc5e44c6aacbca93c5eecbbb4551d223d572517e13a8f6c901787d48fdbe6caca9607a13ff1aa60eb132798a9355ae6801e73531b32114d3eab77

  • SSDEEP

    12288:eY7HJWxcf5NjUNmaO2JDGEVo1T+OYSzho7cGcF8MEDKB35EJwGXZ6bnHEU:pHJWWf5tUNmaO2JDGEW1VGcKXvJwGyn

Score
7/10
evasionthemida

Malware Config

Targets

    • Target

      f1313a21099ba717c7fe2da8710fd79fd2cd1ea727bbda4477545883fa538dd9

    • Size

      796KB

    • MD5

      93430a59fddcce9ee3662dcaadbb860a

    • SHA1

      d03f6d6d7400b79f6783f7a90a0518673e0d546b

    • SHA256

      f1313a21099ba717c7fe2da8710fd79fd2cd1ea727bbda4477545883fa538dd9

    • SHA512

      20200809e65cc5e44c6aacbca93c5eecbbb4551d223d572517e13a8f6c901787d48fdbe6caca9607a13ff1aa60eb132798a9355ae6801e73531b32114d3eab77

    • SSDEEP

      12288:eY7HJWxcf5NjUNmaO2JDGEVo1T+OYSzho7cGcF8MEDKB35EJwGXZ6bnHEU:pHJWWf5tUNmaO2JDGEW1VGcKXvJwGyn

    Score
    7/10
    evasionthemida

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks