General

  • Target

    2024-03-06_3d6b0a86cce6ab2b4302fc09a344a9fa_mafia

  • Size

    19.9MB

  • MD5

    3d6b0a86cce6ab2b4302fc09a344a9fa

  • SHA1

    96ce6d8ab90daee6d9d2b965c2d6cb63eb7d39da

  • SHA256

    f35a36d9880d1013f2d765c94bf89cd038d1df15cd1a9cd6c5f6a0b221699516

  • SHA512

    2359749018ef311596341db11c93dc46cdc3468d0c27cd75e0893645d58046ab4ff73b9783285277504c19ce16ebe0b9ea2715a7ccf9cb78b66de0f1b3b0bcbe

  • SSDEEP

    196608:mEx44YhGPQ8SQe3n06b+qKd3+aWV5+4oZXPfiBV:mEV3TOnn+qKdOaWV5+4kXPf4

Score
10/10

Malware Config

Signatures

  • Detects binaries embedding a considerable number of cryptocurrency wallet browser extension IDs. 1 IoCs
  • Detects executables packed with Themida 1 IoCs
  • Detects executables packed with VMProtect. 1 IoCs
  • Vidar family
  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-03-06_3d6b0a86cce6ab2b4302fc09a344a9fa_mafia
    .exe windows:5 windows x86 arch:x86

    Headers

    Sections