General

  • Target

    MDE_File_Sample_a7b08c5227420707681b8bfaf8ace4fe74137019.zip

  • Size

    3MB

  • MD5

    f1623c382e942ea855cfae484e89eb45

  • SHA1

    e7eff75f745d3069497292bb7ae8cdc97e6bda68

  • SHA256

    52ce44430e91b06b57d0b1486918b75ac9c5c4bfd3454cff095dd47e23a029fe

  • SHA512

    80f3d6297c6e7f6a0492e0fc0170df1158e0ec6ae3e8e58259447d934deffe32a462cf89807d3d7c2ebe1655ab3aa4c6ea9bf65ecd301db5bf99262d56590afa

  • SSDEEP

    49152:MMt2szcJRcaSfUYPDigvP30UCe3Hb6mCVoYtzaX+vVaZZi39K:MMt2IcJWaIl/0pUHb61nt+XwVaZZX

Score
7/10

Malware Config

Signatures

  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

Files

  • MDE_File_Sample_a7b08c5227420707681b8bfaf8ace4fe74137019.zip
    .zip

    Password: infected1234

  • Setup.zip
    .zip

    Password: infected1234

  • Setup.exe
    .exe windows x86

    Password: infected1234


  • langs/Croatian.ini
  • langs/Danish.ini
  • langs/English.ini
  • langs/Finnish.ini
  • langs/Hebrew.ini
  • langs/Hungarian.ini
    .ps1
  • langs/Indonesian.ini
  • langs/Japanese.ini
  • langs/Kazakh.ini
  • langs/Korean.ini
    .ps1
  • langs/Kurdish.ini
  • langs/Norwegian.ini
  • langs/SimpChinese.ini
  • langs/Sinhala.ini
  • langs/Slovak.ini
  • langs/Swedish.ini
  • langs/Thai.ini
  • langs/TradChinese.ini
  • langs/Ukrainian.ini
  • langs/UyghurLatin.ini
  • langs/Uzbek.ini
  • langs/Vietnamese.ini