General

  • Target

    eftclient.exe

  • Size

    22.4MB

  • Sample

    240411-ntdzgadg9w

  • MD5

    99eb52f43cb2eda4b8ec31acbcd8cee9

  • SHA1

    e39b61383725cf624ec34aaf019baaf95a7a42de

  • SHA256

    8f97811b103768484b1aca478a19a0165e0e43a86b2065020fd86aaddf70f6d6

  • SHA512

    a6f64d770171a7fb33844dd371d940a3b91d0c14cbc0c3d15fa008141a177215b9081b5a37ef7fecec9e59977f859b783cc436a167421f9d9e37499e287bbabc

  • SSDEEP

    393216:LfCYnMLoUDNC0bLCq4SjOdv2xH0THPsRWkWplYJAHga3Lo3+fr1E:LfCypGBt4lhTH0cvpCr0LPy

Score
7/10

Targets

    • Target

      eftclient.exe

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
