Overview

overview

7

Static

static

7

7131825ce6...0N.exe

windows7-x64

7

7131825ce6...0N.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7131825ce69e7dd3ee52dcd16f0d7aa0N.exe

  • Size

    2.0MB

  • Sample

    240727-ak1vzstgln

  • MD5

    7131825ce69e7dd3ee52dcd16f0d7aa0

  • SHA1

    94a7ba6b5433ad686bffb396743b00782f61c645

  • SHA256

    7278c20f50457ce45e71e4be844818fee007089b790707df5ca563d581d0b03f

  • SHA512

    b62ba054250c01e832acc1d7a2d38ce34b193b2fc12daacc214fcdbfdf4eecc8ac62ef7eb3b0f81ac2cd0350d15fdce5b4fa2641ce2ad5bf6e4f3175fd676484

  • SSDEEP

    49152:75Gw5TFcAmVGLM9798vJ2iNLixCtX3F8MwUJU1WOBT:FT5ZcAyAe7uJ1YxCn8MJSIO

Score
7/10
discoveryevasionthemida

Malware Config

Targets

    • Target

      7131825ce69e7dd3ee52dcd16f0d7aa0N.exe

    • Size

      2.0MB

    • MD5

      7131825ce69e7dd3ee52dcd16f0d7aa0

    • SHA1

      94a7ba6b5433ad686bffb396743b00782f61c645

    • SHA256

      7278c20f50457ce45e71e4be844818fee007089b790707df5ca563d581d0b03f

    • SHA512

      b62ba054250c01e832acc1d7a2d38ce34b193b2fc12daacc214fcdbfdf4eecc8ac62ef7eb3b0f81ac2cd0350d15fdce5b4fa2641ce2ad5bf6e4f3175fd676484

    • SSDEEP

      49152:75Gw5TFcAmVGLM9798vJ2iNLixCtX3F8MwUJU1WOBT:FT5ZcAyAe7uJ1YxCn8MJSIO

    Score
    7/10
    evasionthemidadiscovery

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks