7396a9044c686124956620492341842b2c4a1eb722273cd07c7b5e40d0f9bc1d | Triage

Submit
Reports

Overview

overview

9

Static

static

7

7396a9044c...1d.dll

windows7_x64

9

7396a9044c...1d.dll

windows10-2004_x64

9

Sharing

General

Target

7396a9044c686124956620492341842b2c4a1eb722273cd07c7b5e40d0f9bc1d
Size

7.9MB
Sample

220620-jm4t4adca2
MD5

881b9fa1d9acef99650ff4e7d5cb5a7a
SHA1

571b56aabc740ce334c1b5f68909fc1fba1e6877
SHA256

7396a9044c686124956620492341842b2c4a1eb722273cd07c7b5e40d0f9bc1d
SHA512

7d736e79b8c8c033584844b998e7ad80dc22a25458ef18c476c4eb688f1d096960912cea39fa3e7e8c287c372922cbfb428c8622c99a3ea608ed3fa94f5c45ed

Score

9^/10

evasion themida trojan

Static task

static1

Behavioral task

behavioral1

Sample

7396a9044c686124956620492341842b2c4a1eb722273cd07c7b5e40d0f9bc1d.dll

Resource

win7-20220414-en

evasion themida trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

7396a9044c686124956620492341842b2c4a1eb722273cd07c7b5e40d0f9bc1d.dll

Resource

win10v2004-20220414-en

evasion themida trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  7396a9044c686124956620492341842b2c4a1eb722273cd07c7b5e40d0f9bc1d
- Size
  
  7.9MB
- MD5
  
  881b9fa1d9acef99650ff4e7d5cb5a7a
- SHA1
  
  571b56aabc740ce334c1b5f68909fc1fba1e6877
- SHA256
  
  7396a9044c686124956620492341842b2c4a1eb722273cd07c7b5e40d0f9bc1d
- SHA512
  
  7d736e79b8c8c033584844b998e7ad80dc22a25458ef18c476c4eb688f1d096960912cea39fa3e7e8c287c372922cbfb428c8622c99a3ea608ed3fa94f5c45ed
Score

9^/10

evasion themida trojan
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionthemidatrojan

behavioral2

evasionthemidatrojan

© 2018-2024

Terms | Privacy