General

  • Target

    release (1).zip

  • Size

    13.1MB

  • MD5

    0f83a21f8afa367744e7be056b2b8368

  • SHA1

    7c050884e2cfa13e0acc6f4a0d7d5ae3fc1b1b15

  • SHA256

    8910eec5c20adcc4cafdcdaccfde00dad442ff881bc06081b5d894f7360f1c4b

  • SHA512

    3ac8c712f56695eb4f2034dde2f25e8dc633a7e823f78e80b4e2aeb2d7a4a0527b7c82c8cf301218806fa30bab674dc7cdf8b4dbfad307b256c773c1690362d5

  • SSDEEP

    393216:naMbV7HGACeL5pdGrHD0lMVUuzwM0kw/9LZL:n9qE5pd8D0lswaw7L

Score
7/10

Malware Config

Signatures

  • Themida packer 2 IoCs

    Detects Themida, an advanced Windows software protection system.

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • release (1).zip
    .zip

    Password: memz.solutions

  • beluga/Asuspdp.bat
  • beluga/Check.bat
  • beluga/Cleaner.bat
  • beluga/amifldrv64.sys
    .sys windows:6 windows x64 arch:x64

    4fbdc03e4487f98fb59360ea5b3e640d
    Code Sign

    Headers

    Imports

    Sections

  • beluga/amigendrv64.sys
    .sys windows:10 windows x64 arch:x64

    f9141c3df8f7ec7b3f2d46265a3b5528
    Code Sign

    Headers

    Imports

    Sections

  • beluga/beleaua.exe
    .exe windows:6 windows x64 arch:x64

    Password: memz.solutions

    ed928bd060b03bab412d37a11b9d26a0
    Headers

    Imports

    Sections

  • beluga/hitler.exe
    .exe windows:6 windows x64 arch:x64

    Password: memz.solutions

    ed928bd060b03bab412d37a11b9d26a0
    Headers

    Imports

    Sections

  • beluga/ipv44.bat
  • beluga/macdelete.bat
  • beluga/mov.bat
  • beluga/valispaida.sys
    .sys windows:6 windows x64 arch:x64

    363922cc73591e60f2af113182414230
    Code Sign

    Headers

    Imports

    Sections

  • checker.bat
  • cleaners/FortniteCleaner.bat
  • cleaners/applecleaner_2.exe
    .exe windows:6 windows x64 arch:x64

    Password: memz.solutions
    Headers

    Sections

  • cleaners/cleaner.bat
  • cleaners/cleaner2.bat
  • cleaners/cleaner3.bat
    .bat .vbs
  • memzFree.exe
    .exe windows:6 windows x64 arch:x64

    Password: memz.solutions
    Headers

    Sections

  • woofer.exe
    .exe windows:6 windows x64 arch:x64

    Password: memz.solutions

    883dbcbf7cd46be1792b1f3bd99a7bc0
    Headers

    Imports

    Sections