Overview

overview

7

Static

static

7

Trainerbpt.exe

windows7-x64

7

Trainerbpt.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    356c098424c7b583f4f3bf0847d3225f5502d85f036efec0e0e3db2d2944ab0a

  • Size

    1.1MB

  • Sample

    221127-pk26dabf5z

  • MD5

    3b7eb6bff7e0aa31d36c06e7f9f3f6af

  • SHA1

    4e8c48bc58b3f48f0d75622dd9dd6d1a45c830c0

  • SHA256

    356c098424c7b583f4f3bf0847d3225f5502d85f036efec0e0e3db2d2944ab0a

  • SHA512

    587b045625f9fa003a1d7c0b406f9cd281562d139ca0eea91825cf83c61b7b794285125e41a279e91ca08f4f14c454f17a3367cf1446b13816bf3110dae0c460

  • SSDEEP

    24576:gQWMIQX31zSf5s//tXezbXmkq/E2uTSObJCNIs0OcHwqc6OPCkKoS5EchWw9JOHG:gQl/NSI/5ezbXxq/E2wb0Nv0S96U9Ko6

Score
7/10
evasionthemida

Malware Config

Targets

    • Target

      Trainerbpt.exe

    • Size

      1.1MB

    • MD5

      d24a38ab1a6ea3835d9b80e0a45ddada

    • SHA1

      e4b541c90fce0c625485f0ee74aebb158d066965

    • SHA256

      0bcca057b966710f6339c74631c7d20f8766249ad7cc5b19892b510225c6540d

    • SHA512

      c4097d49928ed72aee198f4b66923bebcc6acb7e1b7bfb2870290864623087efc4096dd77d4933b19f782f99f8fd5f8ca714441f66fa3619267b3b2ca52b80e2

    • SSDEEP

      24576:rSoWi7OLV9dHYcCCBt6iYzOYito5rtd/ZIo7TwPOqIbHYANi8CVHik1:rf0LVXH3vtPbYoqZIo3wPOt9NifVCk

    Score
    7/10
    evasionthemida

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

1
T1497

Credential Access

Discovery

Query Registry

1
T1012

Virtualization/Sandbox Evasion

1
T1497

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks