General

  • Target

    tmp

  • Size

    7.9MB

  • MD5

    e6f7f9891edec56d7e39d28d8cf55e3b

  • SHA1

    e0d7d07426294938a140894f14f4435a52d90ce9

  • SHA256

    933acfba8f0bbcc59789466f7d3e37d0242b6a8c363cfdcaad5e48be4e951415

  • SHA512

    d33dd08f0b516992eee5fe6782235fbd65ffc3c50b5a285906dd58040370cd3b1eec880d2742613465bc0e6e379db8c2cd710df59ce139a36e0ce344b7a6ec5e

  • SSDEEP

    196608:FxwEhTWtJTxHWhtMFNN/URuPDyXN3E/MlO46FzKMTgK:FBmJTx2hqiWyXN32MM46Fzzd

Score
7/10

Malware Config

Signatures

  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • tmp
    .exe windows:4 windows x86 arch:x86

    9dda1a1d1f8a1d13ae0297b47046b26e



  • $APPDATA/1ABC.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • $APPDATA/38.exe
    .exe windows:4 windows x86 arch:x86

    f6baa5eaa8231d4fe8e922a2e6d240ea


    Code Sign


  • $APPDATA/m1.exe
    .exe windows:4 windows x86 arch:x86



  • $APPDATA/x1.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    68b7023f8923dd087549802f8fa631c3

