Overview

overview

9

Static

static

7

unban/1/1.exe

windows7-x64

9

unban/1/1.exe

windows10-2004-x64

9

unban/2/2.exe

windows7-x64

3

unban/2/2.exe

windows10-2004-x64

3

unban/3/3.exe

windows7-x64

6

unban/3/3.exe

windows10-2004-x64

6

unban/4/4.bat

windows7-x64

7

unban/4/4.bat

windows10-2004-x64

1

unban/5/Re...er.lnk

windows7-x64

3

unban/5/Re...er.lnk

windows10-2004-x64

3

unban/6/!!...!!.bat

windows7-x64

8

unban/6/!!...!!.bat

windows10-2004-x64

8

unban/6/AM...64.exe

windows7-x64

1

unban/6/AM...64.exe

windows10-2004-x64

1

unban/6/am...64.sys

windows7-x64

1

unban/6/am...64.sys

windows10-2004-x64

1

unban/6/am...64.sys

windows10-2004-x64

1

unban/9/Se...er.bat

windows7-x64

1

unban/9/Se...er.bat

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    unban.rar

  • Size

    5.6MB

  • MD5

    076c5dda927d8764061de3b870788541

  • SHA1

    78f0986701d94fa5c438cb40c1aa7e27ec1bee5e

  • SHA256

    66818a703573af9563ac15d67e0c57232a804566196df0026a03cf0099ce272b

  • SHA512

    c0321dace07507dd7132feca0e389431cdb42c74db060d993125c3c545fd273199173acec7265d2f0666f21c49013a5481345bf5fee31fd6dfb3a4a2aaccb68f

  • SSDEEP

    98304:uqnVYuOo6E5dWLiANMs/qQqdizsl49nAoNlC4OsS0TutmpKzCZL61:hVYuO9EjW+gZ98kutmwOw

Score
7/10
themida

Malware Config

Signatures

  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

    themida
  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

Files

  • unban.rar
    .rar
  • unban/1/1.exe
    .exe windows:6 windows x64 arch:x64


    Headers

    Sections

  • unban/2/2.exe
    .exe windows:4 windows x86 arch:x86

    a8fd72e864d14b8484dd49e800fd3a36


    Headers

    Imports

    Sections

  • unban/3/3.exe
    .exe windows:5 windows x86 arch:x86

    6b71a51c953ff20af290e7286a7dad23


    Headers

    Imports

    Sections

  • unban/4/4.bat
  • unban/5/READ.txt
  • unban/5/Revo Uninstaller.lnk
    .lnk
  • unban/6/!!!!RUNME!!!!!.bat
  • unban/6/AMIDEWINx64.EXE
    .exe windows:5 windows x64 arch:x64

    5d7543265f1d05f9bd6a417f4988fb48


    Headers

    Imports

    Sections

  • unban/6/amifldrv64.sys
    .sys windows:6 windows x64 arch:x64

    4fbdc03e4487f98fb59360ea5b3e640d


    Code Sign

    Headers

    Imports

    Sections

  • unban/6/amigendrv64.sys
    .sys windows:10 windows x64 arch:x64

    f9141c3df8f7ec7b3f2d46265a3b5528


    Code Sign

    Headers

    Imports

    Sections

  • unban/7/READ.txt
  • unban/8/create a vhd disk.txt
  • unban/9/FINAL.txt
  • unban/9/SerialsChecker.bat