Analysis Overview
score
7/10
SHA256
a3ee557bb817bf43211b2bb5149e51df21ac76bf7e791006827c2099f235a974
Threat Level: Shows suspicious behavior
The file ConsoleApplication1_THEMIDA.exe was found to be: Shows suspicious behavior.
Malicious Activity Summary
Themida packer
Unsigned PE
MITRE ATT&CK
N/A
Analysis: static1
Detonation Overview
Reported
2024-06-15 02:16
Signatures
Themida packer
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-15 02:16
Reported
2024-06-15 02:17
Platform
win11-20240611-en
Max time kernel
4s
Max time network
5s
Command Line
"C:\Users\Admin\AppData\Local\Temp\ConsoleApplication1_THEMIDA.exe"
Signatures
Themida packer
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\ConsoleApplication1_THEMIDA.exe
"C:\Users\Admin\AppData\Local\Temp\ConsoleApplication1_THEMIDA.exe"
Network
| Country | Destination | Domain | Proto |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.99.105.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.27.171.150.in-addr.arpa | udp |
Files
memory/4592-0-0x0000000140000000-0x000000014095C000-memory.dmp