General

  • Target

    ryomen-gen.rar

  • Size

    22.2MB

  • MD5

    eb34faf223e0593869a72a704f761d59

  • SHA1

    3db40b8a4a2f5fb492bc25096ecc44cd22e3dee8

  • SHA256

    c375e2d213b316fa300470a4cfc29588e87e52d7ee381d38b6de3ee2d800a113

  • SHA512

    46c63c93202fd8c66ceaff5a7b44d678b750dce9b74ccdeceab0392ec5a94cecf6ebd2fc609b219a669cf713608b3d02ba9159829e15de38b00e53383574ba69

  • SSDEEP

    393216:JIvo1MtEdy5l/ua/dHTn5BrC1J2lA8E5LRYXacoCbkbFCavAaFmZY:GvoeWA5l/b/pnkJ2W8E5LRcoCbenvA6P

Score
7/10

Malware Config

Signatures

  • Themida packer (1 IoC)

    Detects Themida, an advanced Windows software protection system.

  • UPX packed file (1 IoC)

    Detects executables packed with UPX (or a modified UPX build), the open-source packer.

  • AutoIT Executable (1 IoC)

    AutoIT scripts compiled to PE executables.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.
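
The following script is an added example, not the sandbox's own signature code. It verifies a local copy of a sample against the digests listed under General (ssdeep is left out because it needs a third-party module), then reproduces the four signatures above with plain static heuristics: UPX/Themida section names, the compiled-AutoIt "AU3!" marker, and an empty Authenticode (security) data directory, plus per-section entropy as a generic packing hint. The section names and the marker string are assumptions drawn from common packer fingerprints, not values taken from this report; build_minimal_pe constructs a tiny fake PE32 so the checks can be exercised offline.

```python
"""Offline triage against a sandbox report (added example, not the sandbox's
own code): verify a local file against the digests the report lists, then
reproduce its static signatures with plain heuristics. ssdeep is omitted
because it needs a third-party module. The section names and the "AU3!"
marker are assumptions drawn from common packer fingerprints."""
import hashlib
import math
import struct

# Digests listed on the report for ryomen-gen.rar
REPORT_HASHES = {
    "md5": "eb34faf223e0593869a72a704f761d59",
    "sha1": "3db40b8a4a2f5fb492bc25096ecc44cd22e3dee8",
    "sha256": "c375e2d213b316fa300470a4cfc29588e87e52d7ee381d38b6de3ee2d800a113",
    "sha512": ("46c63c93202fd8c66ceaff5a7b44d678b750dce9b74ccdeceab0392ec5a94cec"
               "f6ebd2fc609b219a669cf713608b3d02ba9159829e15de38b00e53383574ba69"),
}

def digests(data: bytes) -> dict:
    return {alg: hashlib.new(alg, data).hexdigest() for alg in REPORT_HASHES}

def matches_report(data: bytes, expected: dict = REPORT_HASHES) -> bool:
    """True only if every listed digest matches; one mismatch means a different file."""
    got = digests(data)
    return all(got[alg] == value for alg, value in expected.items())

def entropy(blob: bytes) -> float:
    """Shannon entropy in bits per byte; packed or encrypted sections sit near 8.0."""
    if not blob:
        return 0.0
    counts = [0] * 256
    for b in blob:
        counts[b] += 1
    n = len(blob)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def parse_pe(data: bytes):
    """Return ([(section_name, raw_bytes)], security_directory_size) for PE32/PE32+."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    nsec = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]            # 0x10B PE32, 0x20B PE32+
    dirs = opt + (96 if magic == 0x10B else 112)               # data directory table
    security_size = struct.unpack_from("<I", data, dirs + 4 * 8 + 4)[0]  # entry 4 = SECURITY
    sections = []
    for i in range(nsec):
        hdr = opt + opt_size + 40 * i
        name = data[hdr:hdr + 8].rstrip(b"\0").decode("latin-1")
        raw_size, raw_ptr = struct.unpack_from("<II", data, hdr + 16)
        sections.append((name, data[raw_ptr:raw_ptr + raw_size]))
    return sections, security_size

def static_signatures(data: bytes) -> dict:
    """Heuristic counterparts of the report's signatures (assumed fingerprints)."""
    sections, security_size = parse_pe(data)
    names = {name.lower() for name, _ in sections}
    return {
        "upx": any(n.startswith("upx") for n in names),           # UPX0/UPX1/UPX2
        "themida": bool(names & {".themida", ".winlice"}),         # assumed Themida/WinLicense names
        "autoit": b"AU3!EA06" in data or b"AU3!EA05" in data,    # compiled-script marker
        # Size 0 in the security directory means no WIN_CERTIFICATE at all.
        # Non-zero only proves a blob is attached, not that it verifies.
        "unsigned": security_size == 0,
        "high_entropy_section": any(entropy(body) > 7.0 for _, body in sections),
    }

def build_minimal_pe(sections, signed: bool = False, overlay: bytes = b"") -> bytes:
    """Constructed PE32 image for offline testing; not a real binary."""
    hdr_end = 0x40 + 4 + 20 + 224 + 40 * len(sections)
    raw_off = (hdr_end + 0x1FF) & ~0x1FF                        # 512-byte file alignment
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)           # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x102)
    dirs = [(0, 0)] * 16
    if signed:
        dirs[4] = (raw_off, 0x100)                                # pretend a certificate table exists
    opt = struct.pack("<H", 0x10B) + b"\0" * 94 + b"".join(struct.pack("<II", *d) for d in dirs)
    hdrs, bodies, ptr = b"", b"", raw_off
    for name, body in sections:
        hdrs += name.encode().ljust(8, b"\0") + struct.pack("<IIII", len(body), ptr, len(body), ptr) + b"\0" * 16
        bodies += body
        ptr += len(body)
    image = dos + b"PE\0\0" + coff + opt + hdrs
    return image.ljust(raw_off, b"\0") + bodies + overlay

if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read()       # e.g. the downloaded archive or an extracted .exe
    print("matches report:", matches_report(blob))
    if blob[:2] == b"MZ":
        print(static_signatures(blob))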

Files

  • ryomen-gen.rar
    .rar

    Password: ryomen

  • ryomen-gen/config.json
  • ryomen-gen/dcontrol/Defender_Settings.vbs
    .vbs
  • ryomen-gen/dcontrol/dControl.exe
    .exe windows:5 windows x86 arch:x86

    Password: ryomen

    Code Sign
    Headers
    Sections

  • out.upx
    .exe windows:5 windows x86 arch:x86

    Headers
    Sections

  • ryomen-gen/dcontrol/dControl.ini
  • ryomen-gen/read-me.txt
  • ryomen-gen/ryomen.exe
    .exe windows:5 windows x64 arch:x64

    Password: ryomen

    Headers
    Sections

  • ryomen.pyc