3f786bdb79bf519691bd9857cd423915f9ee2b251d604785f7228e06b6b35969 | Triage

Submit
Reports

Overview

overview

9

Static

static

7

GiftCard-G...UP.exe

windows7_x64

9

GiftCard-G...UP.exe

windows10-2004_x64

9

Sharing

General

Target

GiftCard-Generator_SETUP.rar
Size

3.3MB
Sample

220625-sec6vaefc5
MD5

1d3179c4b244a2af073370ca0b710987
SHA1

424b8f0554d14eddf81194c4cf78b973963d63f1
SHA256

3f786bdb79bf519691bd9857cd423915f9ee2b251d604785f7228e06b6b35969
SHA512

fc2850493825ba10ae6252267baf18926736118dcab1ecbe414843b33845cc132b45a776183fc61480d0a39e3cd45706057d9585c5225e651fec0de4188d1595

Score

9^/10

evasion ransomware themida trojan

Static task

static1

Behavioral task

behavioral1

Sample

GiftCard-Generator_SETUP.exe

Resource

win7-20220414-en

evasion ransomware themida trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

GiftCard-Generator_SETUP.exe

Resource

win10v2004-20220414-en

evasion ransomware themida trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  GiftCard-Generator_SETUP.exe
- Size
  
  3.3MB
- MD5
  
  9e0728736c39c9aad664eaa7fadd1320
- SHA1
  
  268e1488c03755b9f2ed506c46c855001327a80d
- SHA256
  
  6895ceb670704f09844ef6c808a95510aabbe765362ff5cb98a7369d04fb27c9
- SHA512
  
  3e4179bb7ae411967a34ea2a81c76f29c89a82726f636dd2ce43383d97d94c22130f382a6ce76d5181239e154fd7439894989f0a806db45e2ed49cca77103948
Score

9^/10

evasion ransomware themida trojan
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Checks whether UAC is enabled
  evasion trojan
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionransomwarethemidatrojan

behavioral2

evasionransomwarethemidatrojan

© 2018-2024

Terms | Privacy