Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    09/04/2024, 13:32

General

  • Target

    3004-2-0x0000000000C40000-0x00000000013EB000-memory.exe

  • Size

    7.7MB

  • MD5

    59c62e19f74345d8df26a9a4dd681000

  • SHA1

    174d6652188ef13ab6a5868e83c9ac73746ddd03

  • SHA256

    9de540b55c777754768b520247e889b1d2e0bcc796858ab4bc1cff7086041abc

  • SHA512

    8bf4cbe7e8b385d13672517ffa6ce290acafeac4faef6950418fa094e5c116aa36ab7bcacb88282b3ee65d62f0e61a3b7cb34342f3c287ce87ee17c7e65e8716

  • SSDEEP

    98304:vFsM7fhuW6EsVDoVw2Qwp+hDHsUp1i6/eH4kqQJZ1oXX+dHLiRYWODLOM+TrPsli:dzfhuF0AfHK3qQlo+dHbXDLOzjsvE

Score
7/10

Malware Config

Signatures

  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

Processes

  • C:\Users\Admin\AppData\Local\Temp\3004-2-0x0000000000C40000-0x00000000013EB000-memory.exe
    "C:\Users\Admin\AppData\Local\Temp\3004-2-0x0000000000C40000-0x00000000013EB000-memory.exe"
    1⤵
      PID:3028

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/3028-0-0x0000000000030000-0x00000000007DB000-memory.dmp

            Filesize

            7.7MB