Analysis
-
max time kernel
139s -
max time network
157s -
platform
windows10-2004_x64 -
resource
win10v2004-20230703-en -
resource tags
-
submitted
28/08/2023, 06:20
General
-
Target
b63d4ad46802d4767821560969ca40a32e48ab5fdd80ac8461cbc213e1f7f3f3.exe
-
Size
9.0MB
-
MD5
9edfdae286a0d691d27b401f4daa4d8e
-
SHA1
422254f5d2c4ff27b579f93c8de820a6d88109a4
-
SHA256
b63d4ad46802d4767821560969ca40a32e48ab5fdd80ac8461cbc213e1f7f3f3
-
SHA512
227616412b8f4d40c43c9d6da9b0c86d276841c74ef33d06e9c4abeac3f4f76a469247550ea3826c0bdbe6a86bc2dadc8d853b2761178d63fddf33e77e8ba759
-
SSDEEP
196608:3FMCJJSldZFPknPJgiRk2P+lHbcwi1CzIoaRDnda7dTK+4v0nj:1MCJJSrrY5SqwOCqkde+4Mnj
Score
7/10
Malware Config
Signatures
-
Themida packer 5 IoCs
Detects Themida, an advanced Windows software protection system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\b63d4ad46802d4767821560969ca40a32e48ab5fdd80ac8461cbc213e1f7f3f3.exe"C:\Users\Admin\AppData\Local\Temp\b63d4ad46802d4767821560969ca40a32e48ab5fdd80ac8461cbc213e1f7f3f3.exe"1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
16.4MB
-
Filesize
8KB
-
Filesize
16.4MB
-
Filesize
16.4MB
-
Filesize
16.4MB
-
Filesize
16.4MB