General

  • Target

    Echo Mirage.zip

  • Size

    40.5MB

  • MD5

    043118c232664bd0ba3962f023944022

  • SHA1

    658472585efe6ad0898a8530774e95a4f90c6f97

  • SHA256

    66881a10cea99282f918cf581f56d78a43fdca443a4da1f55087106aa99e1d68

  • SHA512

    b70b9d203be9ab34c3b90df6d74d24cdb20cbfcbc7aabdc4dde44e002c56955b4ad28851ede2e8e756e8a6d7a9a439b2ecfc8828a8fb9794f9b5b900bc10f367

  • SSDEEP

    786432:vT+/FE6wh/iu0W8iKZLquzfuWVEkOLmCsTTYqd7CpbpNi7IkutMnW2F:L+/m6wh/QW81Hzf0TLTs9ECXtL

Score
7/10

Malware Config

Signatures

  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

Files

  • Echo Mirage.zip
    .zip
  • Discord.exe
    .exe windows:6 windows x64 arch:x64


  • EchoMirage.exe
    .exe windows:5 windows x64 arch:x64

    00487aa74c91a4dc86982f2621e35a8b


  • EchoMirageHooks32.dll
    .dll windows:5 windows x86 arch:x86

    d366e396ccbec601ae4b65ac499b8bff


  • EchoMirageHooks64.dll
    .dll windows:5 windows x64 arch:x64

    26af301f7989ba106062d39730b88f65

