Analysis

  • max time kernel
    119s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    09-06-2024 17:56

General

  • Target

    Loader.exe

  • Size

    25.7MB

  • MD5

    be83d304a33f55c1155bc6358e22ed47

  • SHA1

    557f4cf3f604ed8120d42b04e1be1aeff05890de

  • SHA256

    53fd9b4d813c0d5a16a603a360324264df4dd60323aaf7ef068ef3e89fb461ce

  • SHA512

    b1113e41942f70517ab47059608c2acc7a54faf06945b822311549e009edcea5bc78f159ebdf3b4026f03d68b34efb7b2820ea36bc1b877d6afeb0f1b23fded8

  • SSDEEP

    786432:cC9veAdCeM8Di3eaIB14+apjM2fkMANV35Coy/1yr36ZF:H9vvvM8u3eZ1C9M2fkJd5tytF

Score
7/10

Malware Config

Signatures

  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

  • Suspicious use of NtSetInformationThreadHideFromDebugger 4 IoCs

    The sample calls NtSetInformationThread with ThreadInformationClass ThreadHideFromDebugger (0x11), which stops an attached debugger from receiving events for that thread; this is a common anti-debugging technique.

Processes

  • C:\Users\Admin\AppData\Local\Temp\Loader.exe
    "C:\Users\Admin\AppData\Local\Temp\Loader.exe"
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    PID:2752

Network

MITRE ATT&CK Matrix


Downloads

  • memory/2752-0-0x0000000140000000-0x00000001434C0000-memory.dmp

    Filesize

    52.8MB
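As an added example (not part of the sandbox report or its tooling), the following Python re-derives two of the findings above from the kind of raw data a sandbox records: the ThreadHideFromDebugger IoCs, flagged whenever a traced NtSetInformationThread call passes ThreadInformationClass 0x11 (the class the signature is named after), and the size of the memory dump listed under Downloads, recovered from its filename. The API trace is constructed to reproduce the four hits in PID 2752; the dump-name pattern `pid-index-start-end` is assumed from the single name on this page; the on-disk size is taken from the report's rounded 25.7MB; `ApiCall`, `hide_from_debugger_iocs`, `parse_dump_name` and `image_growth` are names chosen here.

```python
"""Re-derive the anti-debug IoCs and the memory-dump size from sandbox data (added example)."""
import re
from collections import Counter
from dataclasses import dataclass

# THREADINFOCLASS value used with NtSetInformationThread to hide the calling
# thread from an attached debugger: ThreadHideFromDebugger = 0x11.
THREAD_HIDE_FROM_DEBUGGER = 0x11

# Default preferred image base for 64-bit PE executables.
DEFAULT_X64_IMAGE_BASE = 0x140000000

# On-disk size from the report (25.7MB, rounded), converted to bytes; approximate.
LOADER_FILE_SIZE_BYTES = int(25.7 * 1024 * 1024)


@dataclass(frozen=True)
class ApiCall:
    """One hooked API call as a sandbox would log it (constructed record shape)."""
    pid: int
    api: str
    args: tuple  # positional arguments in the API's declared order


def hide_from_debugger_iocs(trace):
    """Return {pid: count} of NtSetInformationThread calls requesting class 0x11.

    Mirrors an API-hook signature: it counts the request itself, whether or not
    the call succeeded, since the intent to hide from a debugger is the indicator.
    Argument order follows the API: (ThreadHandle, ThreadInformationClass,
    ThreadInformation, ThreadInformationLength).
    """
    hits = Counter()
    for call in trace:
        if call.api != "NtSetInformationThread" or len(call.args) < 2:
            continue
        if call.args[1] == THREAD_HIDE_FROM_DEBUGGER:
            hits[call.pid] += 1
    return dict(hits)


# Assumed naming scheme for dump files: memory/<pid>-<index>-0x<start>-0x<end>-memory.dmp
DUMP_NAME_RE = re.compile(
    r"^memory/(?P<pid>\d+)-(?P<idx>\d+)-0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)


def parse_dump_name(name):
    """Split a dump filename into pid, index, start/end address and region size in bytes."""
    m = DUMP_NAME_RE.match(name)
    if not m:
        raise ValueError(f"unrecognised dump name: {name}")
    start, end = int(m["start"], 16), int(m["end"], 16)
    if end <= start:
        raise ValueError(f"end address {end:#x} is not above start {start:#x}")
    return {"pid": int(m["pid"]), "index": int(m["idx"]),
            "start": start, "end": end, "size": end - start}


def image_growth(dump_size_bytes, file_size_bytes):
    """Ratio of the in-memory image region to the file on disk.

    A region much larger than the file it came from is consistent with a packer
    (here Themida) decompressing the real image into memory at runtime.
    """
    return dump_size_bytes / file_size_bytes


def mib(n):
    return n / (1024 * 1024)


# Constructed trace: four hide-from-debugger requests plus two benign calls.
SAMPLE_TRACE = [
    ApiCall(2752, "NtSetInformationThread", (0xFFFFFFFFFFFFFFFE, 0x11, 0, 0)),
    ApiCall(2752, "NtQueryInformationProcess", (0xFFFFFFFFFFFFFFFF, 0x07, 0, 8, 0)),
    ApiCall(2752, "NtSetInformationThread", (0xFFFFFFFFFFFFFFFE, 0x11, 0, 0)),
    ApiCall(2752, "NtSetInformationThread", (0xFFFFFFFFFFFFFFFE, 0x00, 0, 0)),  # other class
    ApiCall(2752, "NtSetInformationThread", (0xFFFFFFFFFFFFFFFE, 0x11, 0, 0)),
    ApiCall(2752, "NtSetInformationThread", (0xFFFFFFFFFFFFFFFE, 0x11, 0, 0)),
]

REPORT_DUMP_NAME = "memory/2752-0-0x0000000140000000-0x00000001434C0000-memory.dmp"

if __name__ == "__main__":
    print("ThreadHideFromDebugger IoCs by PID:", hide_from_debugger_iocs(SAMPLE_TRACE))
    info = parse_dump_name(REPORT_DUMP_NAME)
    print(f"dump of PID {info['pid']} at {info['start']:#x}: {mib(info['size']):.1f} MiB"
          f" (preferred x64 base: {info['start'] == DEFAULT_X64_IMAGE_BASE})")
    print(f"in-memory/on-disk size ratio: {image_growth(info['size'], LOADER_FILE_SIZE_BYTES):.2f}")
```

The dump region starts at the default x64 image base and spans 52.8 MiB, roughly twice the 25.7MB file, which is why the dump rather than the packed file is the useful artifact for static analysis of this sample.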