Overview

overview

3

Static

static

3

Themida v1...lp.chm

windows7-x64

1

Themida v1...lp.chm

windows10-2004-x64

1

Themida v1...da.exe

windows7-x64

3

Themida v1...da.exe

windows10-2004-x64

1

Themida v1...ct1.js

windows7-x64

1

Themida v1...ct1.js

windows10-2004-x64

1

Themida v1...e.html

windows7-x64

1

Themida v1...e.html

windows10-2004-x64

1

Themida v1...m2.dll

windows7-x64

3

Themida v1...m2.dll

windows10-2004-x64

3

Themida v1...sp.dll

windows7-x64

1

Themida v1...sp.dll

windows10-2004-x64

1

Themida v1...sp.dll

windows7-x64

3

Themida v1...sp.dll

windows10-2004-x64

3

Themida v1...l2.dll

windows7-x64

1

Themida v1...l2.dll

windows10-2004-x64

1

Themida v1...lt.dll

windows7-x64

1

Themida v1...lt.dll

windows10-2004-x64

1

Themida v1...01.dll

windows7-x64

1

Themida v1...01.dll

windows10-2004-x64

1

Themida v1...in.dll

windows7-x64

1

Themida v1...in.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    10-01-2024 02:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Themida v1.8.5.5/Themida_v1.8.5.5/ThemidaSDK/ExamplesSDK/Macros/C/Visual C++/vc_example.html

  • Size

    1KB

  • MD5

    97ea28334d67d71e4a96b56d76fe0d15

  • SHA1

    caffb42a57d09d6b8246c583f0d76004fd003d86

  • SHA256

    9965e660e07492e5c45bc7c52b981d1d65f6341a415979742418f5f699c1e771

  • SHA512

    0f2c0e693dd4e83e3c0bd2b68f6015a878f77b87dd0c84da836416b74e4284e8787c19b5d361732ab0d45c2b9c924746d73dba1493d1722b93731db6229120a3

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Users\Admin\AppData\Local\Temp\Themida v1.8.5.5\Themida_v1.8.5.5\ThemidaSDK\ExamplesSDK\Macros\C\Visual C++\vc_example.html"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2268
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2268 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2108

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3c4c3ef12abc72329d388b69325aa3f5

    SHA1

    b94e29c23251ec39842a33931b6ccfb2e86cf437

    SHA256

    bb259cc869c2780002c3be2d2a942fca9ce6ec897d975d82e9d00d4fd98d9e81

    SHA512

    0c2255724b757bbe72f401ce9e45e407087c724fe5027d480abbda1ee1f39e4fd1047f78c636a9fc85cff61226bd90b2adc15f6d10c00b3cea954fff22cc92f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    55718dd98edb44795ebae2864835af67

    SHA1

    1923ac657f707c377563dfca51b30a4b30919d88

    SHA256

    f93cce00cb048bd5495a5893cf78f7ed5f74165f892597438b38cf4231c63180

    SHA512

    49c8a8be787d2ad3b9a7c9cbbdf874127275f09dcf9f65710a6737af8c2561ccc9d46d6cbd5011eaa1457075534638b2045890af078c2b98ac004d1e3628000b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    de3cafd5ca2152dd8939884b20206a00

    SHA1

    dbc0d42ab9ace0d141fad64d213181bf22d04ce7

    SHA256

    95b6e7d2d77a418c7764d0f503c5515221503543da338091cdec2171596cdd52

    SHA512

    7287fb40f0d4943b2bc27fac1caf5ebf325eb2cda1f7814b999957bddd658d5b819dbf1426b14d82b17c4ac5b536c9448842f48412aa7807b5266cd5699c385d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    711fe4208bc080b7d8176314760a627a

    SHA1

    3df603afd09f90a26d1601d1006c75d7c24fd4d8

    SHA256

    8847e84eb7c56bc6099dc2771456530b95f79ab1ec7c7edda0f96afa5f6fdbbb

    SHA512

    0de91bb9ebfe9c3cab048c8ddde0f3a4fd30843d2fa163a140f5fca693ba0f7d0f60ec8a177f45f2bc64ec68445eee1b48e1054e1e1afd0ba67520495d50637b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e7c21de8876f9fda9e0cec12bf5d6857

    SHA1

    87233a9375181a0d2acbebbf923d69ad93a27294

    SHA256

    0667ee2ae022c31abe9998420c2002ef323252d67ed6477327e0dab92e1c41ba

    SHA512

    8d0031a3b930afecde81bcccdfc95872e8699fd4f642bedfab6c2bbe034247146b6cf1a803c1c844f22df14175af632593b389c61c1df53f0d6380cb7b4ad542

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d55469598c58861bb29185c4a0d188c3

    SHA1

    3fd1d14f6dc874743f013d33d339b5bde63dab9e

    SHA256

    4ab1812e2e384725d4658d4af16a399fd6128520b6c3cb6db8333fe6f55e21c6

    SHA512

    dc5187726d1a85a2e9b6c19979ac45ac9bcd5e7faa45f86bbd5b83fc1350341502c1bab5455c4bf5e23f47cd4a671e854d011fbd20656fced70ad463152f94a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e0734a7285a3e6b3570baa7358144c02

    SHA1

    55b000bf76e04ee006191facab7b47235e09629e

    SHA256

    51c31443f82c0254caeb64caac9a6bce8afca7ab14bea29ef5b2bc26d8b23e3a

    SHA512

    289aa738707dc1c2e34ed0f40465506f69e406a00f551e29fb9b99378489f31b0de7cbba241649138615a06d87f7c69ec2dfd16c0f31d236833be3d0dc5b9976

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2569b6ac713fae0ee3f9d591ea12ec15

    SHA1

    7b7919de6af1e3b9a72a3d73b35917e6b090d9d4

    SHA256

    e061448358c6f7ca2a58a4f12ee82ce2be0dd5ea90d32a598206f4cbc32734da

    SHA512

    2c24b63f54636ab9183aa10d19c42520bc547182991ea707040a231a130067397c42f05cca24c9675d72fb49f7f7baabaf164cc00cd68117876fa8483b16494d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cb1f32a7c5d4beb7861eefeab189d7ed

    SHA1

    8d1200ffe67bddd711437f8e45d95a8cc38b8555

    SHA256

    83ae0c1ed728a7fbfa850a6b126bd960e3352ed30b5a1a6b434c8bfb3ff74ac4

    SHA512

    ca7147965a326e33880cde1ff394a5fc5df00d6fa167ade44981066bc9ea9ab519061f49d93a25510006b0c483ff10562649ffd7a57e7e500c17ca7bc41dd159

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab8D54.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar8E41.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit