General

  • Target

    the only way unban.rar

  • Size

    5.6MB

  • MD5

    d262cb57f6dfeeb7957660e7a47c9b77

  • SHA1

    f05f8ec6eec69743188d39d0e294c618b00b102c

  • SHA256

    cdc88814902e4674bc69017698245df057e59dd05b3149f68348a22843182633

  • SHA512

    3933448d20c9d75e0703dc326e905afa978662fa848505bc15d9d504432da0ce006d4fb7cc7367d365711dc05adbb154af138685479295aa720c003dc5ba7307

  • SSDEEP

    98304:qqnVYuOo6E5dWLiANMs/qQqdizsl49nAoNlClHCu9Ei/9uwJeQX1ut8r0HmPiG41:tVYuO9EjW+gZ9Lu9l88Et8ryGa

Score
7/10

Malware Config

Signatures

  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

Files

  • the only way unban.rar
    .rar
  • the only way unban/1/1.exe
    .exe windows:6 windows x64 arch:x64


  • the only way unban/10.credits/READ IF U LOVE ME .txt
  • the only way unban/2/2.exe
    .exe windows:4 windows x86 arch:x86

    a8fd72e864d14b8484dd49e800fd3a36


  • the only way unban/3/3.exe
    .exe windows:5 windows x86 arch:x86

    6b71a51c953ff20af290e7286a7dad23


  • the only way unban/4/4.bat
  • the only way unban/5/READ.txt
  • the only way unban/5/Revo Uninstaller.lnk
    .lnk
  • the only way unban/6/!!!!RUNME!!!!!.bat
  • the only way unban/6/AMIDEWINx64.EXE
    .exe windows:5 windows x64 arch:x64

    5d7543265f1d05f9bd6a417f4988fb48


  • the only way unban/6/amifldrv64.sys
    .sys windows:6 windows x64 arch:x64

    4fbdc03e4487f98fb59360ea5b3e640d


    Code Sign

  • the only way unban/6/amigendrv64.sys
    .sys windows:10 windows x64 arch:x64

    f9141c3df8f7ec7b3f2d46265a3b5528


    Code Sign

  • the only way unban/7/READ.txt
  • the only way unban/8/create a vhd disk.txt
  • the only way unban/9/FINAL.txt
  • the only way unban/9/SerialsChecker.bat