General

  • Target

    5b3d63597f12ff65cf89a4de062aa5cb.bin

  • Size

    23.6MB

  • MD5

    92dec81e618c1827f508b29277794964

  • SHA1

    9ca7dfb9dba36c96fb5fe7f9c6f904bc93f4e477

  • SHA256

    6e013415a3c3657ea9da4b8dfb43f64c4f294e29747fbdb50807b948cf2a3f99

  • SHA512

    1e049141894920eadaa87fd4190fc42485baa2f2dc073d7f063271dd14ea043df51bc543332a0e3100058eeb1bb52271a58a5270986132cee844451399d7bb74

  • SSDEEP

    393216:oK2473nOa7Z0rjRkjeZhKtcTJXtD2Hcw5/HXA7bqUCVH/Mh0cDY6LnwO2csXc2Fi:rXnOISnRkje+4ScGHw7mUC0h3vLwO29Q

Score
7/10

Malware Config

Signatures

  • Themida packer (2 IoCs)

    Detects Themida, an advanced Windows software protection system.

  • Unsigned PE (4 IoCs)

    Checks for missing Authenticode signature.

Files

  • 5b3d63597f12ff65cf89a4de062aa5cb.bin
    .zip

    Password: infected

  • 00a8cd120fc7b04b5958107af78c965e5e132d6585bd585ad5b16421edc8456a.zip
    .zip

    Password: infected

  • OLZHWSMUOW.GuJ
    .dll windows x86

    Password: infected

  • qDu.u.ahk
  • qDu.u.exe
    .exe windows x86

    Password: infected

    843075fba28109153465b53d9d36a319
