0abfed3f99a461acfe92801f6d00786391dc6278bfa4f8a7b12a6b888b93205f | Triage

Analysis

max time kernel
12s
max time network
16s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
19/07/2023, 17:47

Sharing

Report Analysis Logs

General

Target

BO2Pluto.exe
Size

3.6MB
MD5

37d4826fd498fbd4627ef6dbec59b0fb
SHA1

9a7d92e86d3b2f5f65acc0b013e80aa5274bb450
SHA256

0abfed3f99a461acfe92801f6d00786391dc6278bfa4f8a7b12a6b888b93205f
SHA512

2d5f8bf700501947373ef5a228607831d96aba9000b361473942ee77c891048abd792ac9f515f8d55eddc80c71d3262634e39459818676ccfe3df84155292a0c
SSDEEP

98304:ezFF1vMh0GYNcGpadbhzDRHkoCvwijhoAb7RKylM:ezF3MZ4cRdbJDREjoijhoAxDM

Score

7^/10

themida

Malware Config

Signatures

Themida packer 2 IoCs

Detects Themida, an advanced Windows software protection system.

resource	yara_rule
behavioral1/memory/2312-54-0x0000000000FD0000-0x0000000001855000-memory.dmp	themida
behavioral1/memory/2312-55-0x0000000000FD0000-0x0000000001855000-memory.dmp	themida

C:\Users\Admin\AppData\Local\Temp\BO2Pluto.exe
"C:\Users\Admin\AppData\Local\Temp\BO2Pluto.exe"
1⤵
PID:2312

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2312-54-0x0000000000FD0000-0x0000000001855000-memory.dmp

Filesize
8.5MB

Download
memory/2312-55-0x0000000000FD0000-0x0000000001855000-memory.dmp

Filesize
8.5MB

Download