Overview

overview

10

Static

static

10

decomA/CRACK.exe

windows7-x64

7

decomA/CRACK.exe

windows10-2004-x64

7

decomA/Req...TY.dll

windows7-x64

1

decomA/Req...TY.dll

windows10-2004-x64

1

decomA/Req...on.dll

windows7-x64

1

decomA/Req...on.dll

windows10-2004-x64

1

decomA/Req...le.dll

windows7-x64

1

decomA/Req...le.dll

windows10-2004-x64

1

decomA/antagonist.exe

windows7-x64

10

decomA/antagonist.exe

windows10-2004-x64

10

decomA/bas...st.exe

windows7-x64

7

decomA/bas...st.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    decomA.rar

  • Size

    49.4MB

  • MD5

    1f3ef02aee57f22b2fcb8df44d7c2362

  • SHA1

    2a8fe1c52af907ea1fb5aeb7b77816ef3a1b5ee5

  • SHA256

    ce9413c48ca2bfd1548d7f266c490e98e1ed4a4e9d8af776e23b08a2b22fd1d3

  • SHA512

    6e07c268732d0d98c250c10db4ac3017c6af49f4b14f42080eb2addc53d247a6ee646b2635f64106a9e3df3b13c9e5befe364e5dd5ea14f1a4300bd4f45ba4d2

  • SSDEEP

    1572864:dutygPHd55cSHSTFPZllqzCIZzeb9eU+5t3OR55Wa+:kpbCSsdqOZsU+5t3OR55f+

Score
10/10
pyinstallerthemidaempyreannanocore

Malware Config

Signatures

  • Detects Empyrean stealer 2 IoCs
  • Empyrean family
    empyrean
  • Nanocore family
    nanocore
  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

    themida
  • Detects Pyinstaller 2 IoCs
    pyinstaller
  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

Files

  • decomA.rar
    .rar

    Password: AC-Crack-IDA285

  • decomA/AntagonistProj.csproj
  • decomA/CRACK.config
    .exe windows:5 windows x86 arch:x86

    Password: AC-Crack-IDA285

    9222d372923baed7aa9dfa28449a94ea


    Headers

    Imports

    Sections

  • main.pyc
  • decomA/RequiredDLL/Input/EHoTY.dll
    .dll windows:4 windows x86 arch:x86

    Password: AC-Crack-IDA285

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • decomA/RequiredDLL/Input/EnHDialation.dll
    .dll windows:4 windows x86 arch:x86

    Password: AC-Crack-IDA285

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • decomA/RequiredDLL/Input/SWIHandle.dll
    .dll windows:4 windows x86 arch:x86

    Password: AC-Crack-IDA285

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • decomA/RequiredDLL/Output/DLLInputOutput/Output.md
  • decomA/UserReconfig.user
  • decomA/antagonist.exe
    .exe windows:5 windows x86 arch:x86

    Password: AC-Crack-IDA285

    9222d372923baed7aa9dfa28449a94ea


    Headers

    Imports

    Sections

  • main.pyc
  • decomA/app.config
  • decomA/basefile/antagonist.exe
    .exe windows:6 windows x64 arch:x64

    Password: AC-Crack-IDA285


    Headers

    Sections

  • decomA/basefile/properties/PROP.md
  • decomA/locales/EN.pak
  • decomA/locales/FR.pak
  • decomA/locales/GER.pak
  • decomA/locales/IT.pak
  • decomA/locales/PO.pak
  • decomA/locales/RU.pak
  • decomA/packages.config
  • decomA/readme.md
  • decomA/report/ErrorLog.md