Overview

overview

9

Static

static

7

modest-menu.exe

windows7-x64

9

modest-menu.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    modest-menu_v0.9.7_[kiddionsmodmenu.com]_.zip

  • Size

    14.0MB

  • Sample

    230206-ydvbmafe92

  • MD5

    140e983ee8f097e731d0365757878f58

  • SHA1

    77d425314b1d68d3fdde1d96ac1e8dcc5644248a

  • SHA256

    2d7405b5d6cd5293b6c81a232edf4f5e98c7e6443152b78b849d619f73e8274a

  • SHA512

    7faef00b0574d2ce42ddce3d2581f4f733d82098fb6a9be8467f86e2d208698e6a60d87d49ae06d8626243c8c0ab18ce68a6dfa1f963f421cd85f858a34a656b

  • SSDEEP

    393216:s1jf6i5VQ6rUWnguEJaDfz9b9znSFxlUOFXxJY:ufbI7OguES7zSFx+

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      modest-menu.exe

    • Size

      14.0MB

    • MD5

      ac062fc9712de55c8c888d6d7fe40c4b

    • SHA1

      2be787ad29f7b783b24ec925153967f4206adacd

    • SHA256

      e388f58cb819d7d603ab71b8909a439ee9e4ac1630c7c64386112a75f2e60966

    • SHA512

      1ad9ecd99df89806fb1b3d7e02343f5297e0379eeef0235bbeb98288788bab9250e20e3c4d3b0a6cbab7a726bfe7dcb1dbd76419d06d7a35d51ad048b5dd450f

    • SSDEEP

      393216:Dl/7prg5lxSqTWgwboGCij0dVMIVibKTWfXuWIQ:R6UqigwboG2JVib7fp

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

1
T1497

Credential Access

Discovery

Query Registry

2
T1012

Virtualization/Sandbox Evasion

1
T1497

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks