General

  • Target: loader_patched_by_cypher.exe

  • Size: 8.6MB

  • Sample: 240302-3qavzaae21

  • MD5: c71b1d59edf0689bc03a41f7d7c91843

  • SHA1: 66e7c50307168b279d3d2acac9caeecad5283f52

  • SHA256: d552d463a5bdc43885b1cf4d86b9ed98c80fc877416729b84cf5d4986bec94c2

  • SHA512: 4954b97c5c330b9abf2ca87bbf77f76a8075cdb6008ee1610473f7872858827b58dce0cfb53f61a913781e8a9d6ab254da46308e5a734fc6b83559605973a698

  • SSDEEP: 196608:QPnlJvkC3OOXDLzFgyBRZahPDBlPreVr:Cnz3OcDLzFgy4hPDBt4

Score: 8/10

Malware Config

Targets

  • Sets service image path in registry

  • Themida packer

    Detects Themida, an advanced Windows software protection system.

  • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks