Overview

overview

7

Static

static

7

1b7243811b...bd.exe

windows7-x64

7

1b7243811b...bd.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1b7243811b0c420887f628b58542b8bd

  • Size

    1020KB

  • Sample

    231225-abeamahhd6

  • MD5

    1b7243811b0c420887f628b58542b8bd

  • SHA1

    ecc7f5ef1e672e3adb66faf5f0421505df05981e

  • SHA256

    4ee9fa607a450cd22a9c38366de6141899e1311d75feecc6838f559acbc5a005

  • SHA512

    7b68345f6f32c7e4c023c37bf3de66a37afb1f2aabf0e2cc84dd8ff1a787b28e3abc306d66020cbd34b187dd945ada9e96e191edb81520a018044dcecf4222a6

  • SSDEEP

    12288:Db9xnx1VDyHG/Rwt0dVBFWIgdssyi1lwLVab5gz/aQpEqVzjpPpt3Owwbu6WfKan:ffgYRw2zAyubuTCUtRH5zfRGjAP8A

Score
7/10
evasionthemida

Malware Config

Targets

    • Target

      1b7243811b0c420887f628b58542b8bd

    • Size

      1020KB

    • MD5

      1b7243811b0c420887f628b58542b8bd

    • SHA1

      ecc7f5ef1e672e3adb66faf5f0421505df05981e

    • SHA256

      4ee9fa607a450cd22a9c38366de6141899e1311d75feecc6838f559acbc5a005

    • SHA512

      7b68345f6f32c7e4c023c37bf3de66a37afb1f2aabf0e2cc84dd8ff1a787b28e3abc306d66020cbd34b187dd945ada9e96e191edb81520a018044dcecf4222a6

    • SSDEEP

      12288:Db9xnx1VDyHG/Rwt0dVBFWIgdssyi1lwLVab5gz/aQpEqVzjpPpt3Owwbu6WfKan:ffgYRw2zAyubuTCUtRH5zfRGjAP8A

    Score
    7/10
    evasionthemida

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks