Overview

overview

7

Static

static

7

loader.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    1686s
  • max time network
    1633s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-05-2024 20:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    loader.exe

  • Size

    4.0MB

  • MD5

    f58dd04f32283b3486a2975d9799ccaf

  • SHA1

    55ccf0d233a324629bdef83137128c0c3842a644

  • SHA256

    89bad645a84de650a4d3b032e2438a04a7bd31f360fd1f0228d5a6676b23025b

  • SHA512

    150d19a2d3528e9d4866c0e9499c623ae4f60b7d1db5c5345ad52a72d287f1325392c4ef6138e9ce4cd1a4696ba45a0d6a779d0ab951eb240b6b292ca78959cb

  • SSDEEP

    98304:IiK+YxxzyCFvL2RlgXt5LutKevmgiihvpl4:2+YjzyCNL2LctVut7p4

Score
7/10
themida

Malware Config

Signatures

  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

    themida

Processes

  • C:\Users\Admin\AppData\Local\Temp\loader.exe
    "C:\Users\Admin\AppData\Local\Temp\loader.exe"
    1⤵
      PID:396
    • C:\Windows\System32\rundll32.exe
      C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
      1⤵
        PID:2432
      • C:\Users\Admin\AppData\Local\Temp\loader.exe
        "C:\Users\Admin\AppData\Local\Temp\loader.exe"
        1⤵
          PID:3808

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/396-0-0x00007FF7C0520000-0x00007FF7C0F62000-memory.dmp
          Filesize

          10.3MB

          Download