Overview

overview

7

Static

static

7

99a726ef6f...a2.exe

windows7-x64

7

99a726ef6f...a2.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    13-02-2024 16:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    99a726ef6f28962e591b0b64cf513fa2.exe

  • Size

    1.7MB

  • MD5

    99a726ef6f28962e591b0b64cf513fa2

  • SHA1

    b7e854a0bc339dd239ad26ec60f744a7a12b8b78

  • SHA256

    23c37a76b0f052f10e9b863f5eedb7d2329ba25b8a1652d198876edbce84333e

  • SHA512

    a6d8c1098a790c78d19c52bbd734370819a381e9a2cf1b08cea93ffb9d09da208a5587467a28eafef29a2a0a14b7d6d2017af4adb6bb8849730421a64c1a2da2

  • SSDEEP

    49152:WT3XDxq2KGpaifSVAg6z2AT0NuJ/GsMGSrvmDsp:S3XY2FB8eTxOp5vF

Score
7/10
themida

Malware Config

Signatures

  • Themida packer 15 IoCs

    Detects Themida, an advanced Windows software protection system.

    themida
  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\99a726ef6f28962e591b0b64cf513fa2.exe
    "C:\Users\Admin\AppData\Local\Temp\99a726ef6f28962e591b0b64cf513fa2.exe"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1940

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1940-0-0x00000000003F0000-0x00000000003F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1940-1-0x0000000000300000-0x00000000003E8000-memory.dmp

    Filesize

    928KB

    Download

  • memory/1940-2-0x0000000000400000-0x0000000000546000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/1940-12-0x0000000000400000-0x0000000000546000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/1940-13-0x0000000000400000-0x0000000000546000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/1940-14-0x00000000003F0000-0x00000000003F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1940-15-0x0000000000400000-0x0000000000546000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/1940-16-0x0000000000400000-0x0000000000546000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/1940-17-0x0000000000400000-0x0000000000546000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/1940-18-0x0000000000400000-0x0000000000546000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/1940-19-0x0000000000400000-0x0000000000546000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/1940-20-0x0000000000400000-0x0000000000546000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/1940-21-0x0000000000400000-0x0000000000546000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/1940-22-0x0000000000400000-0x0000000000546000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/1940-23-0x0000000000400000-0x0000000000546000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/1940-24-0x0000000000400000-0x0000000000546000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/1940-25-0x0000000000400000-0x0000000000546000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/1940-26-0x0000000000400000-0x0000000000546000-memory.dmp

    Filesize

    1.3MB

    Download