Overview

overview

7

Static

static

7

4da1cc5aa4...af.exe

windows7-x64

7

4da1cc5aa4...af.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    4da1cc5aa4de069b315f139bf7bb42af

  • Size

    620KB

  • Sample

    240109-hmnx7shabp

  • MD5

    4da1cc5aa4de069b315f139bf7bb42af

  • SHA1

    13a77dbd0b455b8a5ed2a5f515e25b290419700a

  • SHA256

    3f25e56bef27d04488d08de69b567cdf73442a351263c57e4d8d3e507a0488c2

  • SHA512

    54e461dfcc3242f69e4cab234542433858961d72326a047bf6e00b14b2e478e83f4896352c39b185fcfc4b6657e97d78c5c92d333082c7303bcd95d9f0247a86

  • SSDEEP

    12288:2SG1WnYouJtzKeprO0HB8nzjTgFDPv98DgqgFkaIHHZEYLMntoJOsMw:27ceteepa0hszj8N3+gEHHjqqJWw

Score
7/10
persistencethemida

Malware Config

Targets

    • Target

      4da1cc5aa4de069b315f139bf7bb42af

    • Size

      620KB

    • MD5

      4da1cc5aa4de069b315f139bf7bb42af

    • SHA1

      13a77dbd0b455b8a5ed2a5f515e25b290419700a

    • SHA256

      3f25e56bef27d04488d08de69b567cdf73442a351263c57e4d8d3e507a0488c2

    • SHA512

      54e461dfcc3242f69e4cab234542433858961d72326a047bf6e00b14b2e478e83f4896352c39b185fcfc4b6657e97d78c5c92d333082c7303bcd95d9f0247a86

    • SSDEEP

      12288:2SG1WnYouJtzKeprO0HB8nzjTgFDPv98DgqgFkaIHHZEYLMntoJOsMw:27ceteepa0hszj8N3+gEHHjqqJWw

    Score
    7/10
    persistencethemida

    • Executes dropped EXE

    • Loads dropped DLL

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks