General

  • Target: f2ce87e5b4a14eb64d1d585fbf29ed9eb65ce236fc55c2af35fe3eafbffc45fe
  • Size: 4.0MB
  • MD5: f0f1ab764f74b3fa36fddd056d865c8e
  • SHA1: 6d8ea11ba8ad1c90a827c46bfe6e4cbbfcbb3842
  • SHA256: f2ce87e5b4a14eb64d1d585fbf29ed9eb65ce236fc55c2af35fe3eafbffc45fe
  • SHA512: 79c17e7a5bf125df0ee52b94160e95e90fbd43e35eadcb8b701a78ab5f5cd1e2d239d12acb4164bce55142a2b3b59f1fc629246a887ccf852d4b592f675c48b6
  • SSDEEP: 98304:axZR0OpPFrIvsKety1hydMoO6fa0Nj5xF3RayHzQt2TVC:aZBKOy1hmO70NjRhagQt2TVC

Score
7/10

Signatures

  • Themida packer (1 IoC): Detects Themida, an advanced Windows software protection system.
  • UPX packed file (1 IoC): Detects executables packed with UPX or a modified UPX open-source packer.
  • AutoIT Executable (1 IoC): AutoIT scripts compiled to PE executables.
  • Unsigned PE (2 IoCs): Checks for a missing Authenticode signature.

Files

  • f2ce87e5b4a14eb64d1d585fbf29ed9eb65ce236fc55c2af35fe3eafbffc45fe (.zip)
  • WinController_protected.exe (.exe windows:4 windows x86 arch:x86)
  • 디펜터끄기/Defender_Settings.vbs (.vbs)
  • 디펜터끄기/ReadMe.txt
  • 디펜터끄기/dControl.exe (.exe windows:5 windows x86 arch:x86)
  • out.upx (.exe windows:5 windows x86 arch:x86)
  • 디펜터끄기/dControl.ini