General

  • Target

    main.7z

  • Size

    15.7MB

  • Sample

    240608-yv7naagc78

  • MD5

    d1379cdf0a168ee0a40657bb3e0f5209

  • SHA1

    d368ebac0ba6a0078f936efeb1158730063909fa

  • SHA256

    fda11b1f0ad7f7724b29c97b309e88274c3b0c831b47ea423edd4403db933c39

  • SHA512

    50617ea1ea343be6c191df328741f3654d6c7d9590eaf7de33e4ba5ffd8dcf0c1faaa9c70822fc7f0d348fe0f8ea262ed34ca696774a2d6f1528b54f911e742f

  • SSDEEP

    393216:hb8rFpcfE5dV2OaUG2yfP4QLe/Z1HLaDn8M8ogsOLia200:KrDc85paN2yY6e/vgkoXOLr27

Score
7/10

Malware Config

Targets

    • Checks computer location settings

Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Registers COM server for autorun

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

MITRE ATT&CK Enterprise v15

Tasks