Overview

overview

7

Static

static

7

1596-58-0x...ry.exe

windows7-x64

1596-58-0x...ry.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-03-2024 12:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1596-58-0x0000000000BC0000-0x000000000199A000-memory.exe

  • Size

    13.9MB

  • MD5

    227262e17e90a5823a33425f65eba3e3

  • SHA1

    02bf1aeee9dafc8a08410207bf826bb326b5122c

  • SHA256

    c73e121e55c5587d38c687df4a41e647da1540ae348ede86557f0b9309d5bb23

  • SHA512

    fea654a32480449ecd0cd218bac2caeee87e73d3dded7e9273f3ed8c881db82106d3e9b01bf70608625d0c0992442a6d22c3362656b521ff9bb1d6aa4d586ac2

  • SSDEEP

    196608:KMO2bLwFhe8EBhrdCcFTuHvp6jD2+lSkcT81TQCDry2GBrq8B8rc+Q:rOEyhOdLTAwjar8TzDry2G5GpQ

Score
7/10
themida

Malware Config

Signatures

  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

    themida

Processes

  • C:\Users\Admin\AppData\Local\Temp\1596-58-0x0000000000BC0000-0x000000000199A000-memory.exe
    "C:\Users\Admin\AppData\Local\Temp\1596-58-0x0000000000BC0000-0x000000000199A000-memory.exe"
    1⤵
      PID:5004

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/5004-0-0x00000000744F0000-0x0000000074CA0000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/5004-1-0x0000000000660000-0x000000000143A000-memory.dmp

      Filesize

      13.9MB

      Download

    • memory/5004-2-0x00000000038D0000-0x00000000038D6000-memory.dmp

      Filesize

      24KB

      Download

    • memory/5004-3-0x00000000064C0000-0x0000000006AD8000-memory.dmp

      Filesize

      6.1MB

      Download

    • memory/5004-4-0x0000000005FB0000-0x00000000060BA000-memory.dmp

      Filesize

      1.0MB

      Download

    • memory/5004-5-0x0000000005EC0000-0x0000000005ED2000-memory.dmp

      Filesize

      72KB

      Download

    • memory/5004-6-0x0000000005D90000-0x0000000005DA0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/5004-7-0x0000000005F20000-0x0000000005F5C000-memory.dmp

      Filesize

      240KB

      Download

    • memory/5004-8-0x00000000060C0000-0x000000000610C000-memory.dmp

      Filesize

      304KB

      Download

    • memory/5004-9-0x00000000744F0000-0x0000000074CA0000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/5004-10-0x0000000005D90000-0x0000000005DA0000-memory.dmp

      Filesize

      64KB

      Download