113aa0dbeb0b9887dc0e462565b967517e520fb6cb7256ab00298f5610c57148 | Triage

Sharing

General

Target

celex.zip
Size

7.0MB
Sample

240228-xsmdwsbf65
MD5

1c0ea56d187b4c679be381c0de9384cc
SHA1

5d57f2f8503d66546a4029005848703ff7283d7a
SHA256

113aa0dbeb0b9887dc0e462565b967517e520fb6cb7256ab00298f5610c57148
SHA512

53f616d0c51c65224c52a525efb588ca6548cddba4e818ae99a61a814120c7d59d1807d0e0fd956996d3485a7f624c34014e08c31add7f3230b9fd5d79f719d5
SSDEEP

196608:U7jdtqgDtS+MwZp7yjwOlRrJpDGbhBSBr/a:wtTDtSwZmtJpDcA1/a

Score

8^/10

persistence themida

Malware Config

Targets

- Target
  
  crack.exe
- Size
  
  10.3MB
- MD5
  
  35edb0779e02ec906ba08da6115eeae7
- SHA1
  
  c662f58d8421c854b30da34c6e0ddc37783cb953
- SHA256
  
  22646544be869e18d9b35687a6592c3ea1ac0d423badc40cb6059388b1bf362c
- SHA512
  
  82e2fe81587b40e96b4fef23819037809d94c1f0f11393c8b91387a0dbaa70c368498707cd7a66ba71056352af90619d1204db7067f7daa47060ee5c8eee889b
- SSDEEP
  
  98304:QqMT8fPVdo+hZ9ZWI3Blm+AgMnOZ0EVmCs9rhcw3M//OfYts2SsJXkn7IG/HPidx:cs1BlLjZ0EVmCs9rhlSm0siJdeJ
Score

8^/10

persistence themida
- Sets service image path in registry
  persistence
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
behavioral1
- Target
  
  runtime.dll
- Size
  
  60KB
- MD5
  
  aaf2434848fc4d12c61000f74202a41e
- SHA1
  
  102153f76eaea4f6bf6672a117e11587ba3e9924
- SHA256
  
  49f38aebf2d6d4f78a774fb302c29d3bdd02c97f22e0dc9a2447aa11eadc2cc9
- SHA512
  
  debcdbc51ae3fb2b65de3e3701c2215c35f9ef97950c2b441d20a01c591a4d69bbda089d1489f0243b4aacec19d496ba269ebe232bfd3443e20efa97dbb692b8
- SSDEEP
  
  768:/ev9ecf1EurDoDH9V7IawJumTIkijFa989zpE8Cm3sNxVSLYP3eFNOWz09QL:/y9ecOUobAB1Og4zizNrSLYLWz0a
Score

1^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencethemida

behavioral2