2cea1385ca83dbc79de55e3aca99f02f2f10a46122956d27346bac0cd23dbc76 | Triage

Submit
Reports

Overview

overview

9

Static

static

7

nbigdxqqfu.dll

windows7_x64

9

nbigdxqqfu.dll

windows10-2004_x64

9

Sharing

General

Target

nbigdxqqfu.ncy
Size

8.4MB
Sample

220701-kba83sbgep
MD5

3a2ba549d59aa944f20df5dbbc70827c
SHA1

b6f0863186b3dee82abdd2806a7313645d4908fc
SHA256

2cea1385ca83dbc79de55e3aca99f02f2f10a46122956d27346bac0cd23dbc76
SHA512

c9c4cad12a64969c5ca678b7d3b328fe1d7ff1e3866daf86f5720ed864169f4660c4143bbc84206bd8a64cc2db1327b094e6d87683bb06702e87c9c87e6f8639

Score

9^/10

evasion themida trojan

Static task

static1

Behavioral task

behavioral1

Sample

nbigdxqqfu.dll

Resource

win7-20220414-en

evasion themida trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

nbigdxqqfu.dll

Resource

win10v2004-20220414-en

evasion themida trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  nbigdxqqfu.ncy
- Size
  
  8.4MB
- MD5
  
  3a2ba549d59aa944f20df5dbbc70827c
- SHA1
  
  b6f0863186b3dee82abdd2806a7313645d4908fc
- SHA256
  
  2cea1385ca83dbc79de55e3aca99f02f2f10a46122956d27346bac0cd23dbc76
- SHA512
  
  c9c4cad12a64969c5ca678b7d3b328fe1d7ff1e3866daf86f5720ed864169f4660c4143bbc84206bd8a64cc2db1327b094e6d87683bb06702e87c9c87e6f8639
Score

9^/10

evasion themida trojan
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionthemidatrojan

behavioral2

evasionthemidatrojan

© 2018-2024

Terms | Privacy