d0015c889c5f65c72a97972d3114179d84fafbeee0d20c984d1603aeac50841e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40473e571c5b9881da0d471f7a24cf8e
Size

1.4MB
Sample

240104-jgmcvsbdam
MD5

40473e571c5b9881da0d471f7a24cf8e
SHA1

d748a92bafacbe760dfaa0e9217f47ad07f7d2aa
SHA256

d0015c889c5f65c72a97972d3114179d84fafbeee0d20c984d1603aeac50841e
SHA512

348de2cfa3c1f805a3a2241810479df19cb40b9851fb72d9c35b9366b09ced28568da3f0ba12afb5ab732d036455d313011b003b7bbfa49f3cb88d0c4392db6a
SSDEEP

24576:1fMCuvNLvAPYVz1/c/U0KscVBR/OmfS3U0mcDG0MfNTt+YpqRJ5Ijy8xeRBfcopG:1fMCYEyz1/caVnOhi50CN0Yp+JOu2eRQ

Score

8^/10

evasion themida

Malware Config

Targets

- Target
  
  40473e571c5b9881da0d471f7a24cf8e
- Size
  
  1.4MB
- MD5
  
  40473e571c5b9881da0d471f7a24cf8e
- SHA1
  
  d748a92bafacbe760dfaa0e9217f47ad07f7d2aa
- SHA256
  
  d0015c889c5f65c72a97972d3114179d84fafbeee0d20c984d1603aeac50841e
- SHA512
  
  348de2cfa3c1f805a3a2241810479df19cb40b9851fb72d9c35b9366b09ced28568da3f0ba12afb5ab732d036455d313011b003b7bbfa49f3cb88d0c4392db6a
- SSDEEP
  
  24576:1fMCuvNLvAPYVz1/c/U0KscVBR/OmfS3U0mcDG0MfNTt+YpqRJ5Ijy8xeRBfcopG:1fMCYEyz1/caVnOhi50CN0Yp+JOu2eRQ
Score

8^/10

evasion themida
- Modifies Windows Firewall
  evasion
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2