General

  • Target

    SkylineEngine.rar

  • Size

    7.7MB

  • Sample

    240409-v3vrxade85

  • MD5

    5cd47fac2c4825210044e66f1ba7abab

  • SHA1

    d2f88e3c17d8507d1eb2c166adb96cc28056aeb9

  • SHA256

    3495bbc4dfb23cf8aada10c8ed9c23c2f5d42ee77c0021adabadac6eea3202f7

  • SHA512

    910048637e58fdcf771c65f73a501f1c3a11ecc16f90f260ae3612e95d74871bf6e056a4bed38c9893cd06b4d44beedc96c4d2e6a903e8a36de45336ee0ee10d

  • SSDEEP

    196608:hezwTxaqAIN8eHiLAZgj+XzBhBsDaB0WXSieR:CwTAqPN8eHiJaDBhBsIFXSP

Score
7/10

Targets

    • Target

      SkylineEngine.exe

    • Size

      7.8MB

    • MD5

      c8403888abf7aee73e032467b757ed25

    • SHA1

      345f5a909d675dcfbb77f0cd199384cb656b5be5

    • SHA256

      b3e095182c167c34dbb36c1a6b409a6af0fd22799ae8f4f2478f3ca5500c42d2

    • SHA512

      b689e7ec0040bcd4d94f077cfc55aea71ccd49a22bc55250e7fa3d82835c568c61bb8aa38975105fce6ba2107de6fb3fb15ffbcc579efe96862278709be18799

    • SSDEEP

      196608:NJkBLMIO2o6BxtA/Qh1Ef/0hgbv0FEjURiZKC0WY0cJ99s6EYi46:y4qBxtAs2nEgbv0FDiHcvJ9PEY

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Themida packer

      Detects Themida, an advanced Windows software protection system.
