Overview

overview

9

Static

static

7

cartridge.exe

windows7-x64

9

Resubmissions

01/03/2023, 14:05

230301-rd11vaga4y 9

01/03/2023, 13:50

230301-q5qhrafh9t 9

01/03/2023, 13:47

230301-q3kjqafh8v 9

01/03/2023, 13:40

230301-qy1p5sgd36 9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cartridge.exe

  • Size

    4.6MB

  • Sample

    230301-q3kjqafh8v

  • MD5

    01c0ffbf4899dd9659ab3d69bd071a3a

  • SHA1

    fef363e5680db20ffe13eac15092a0deb98492ec

  • SHA256

    45407220b71e139d1e851741eb586d7424ce7ec726e39a125669fa23f4c6598f

  • SHA512

    cc20a5e56063dfabd6b52aa24e51530da04a10a9f3a7ab0e327314f83f7d38754aed208632446dc222b1af0cabf20990ecfa1a0c635e7f6f7aeecb1a1d828d98

  • SSDEEP

    98304:XJm36qQN6mR38bMHjx7nggGRVewGPYnJLFiwKZ0NQsdUxNYJId:ZmKq1mFjkr+R8JLF8qdamId

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      cartridge.exe

    • Size

      4.6MB

    • MD5

      01c0ffbf4899dd9659ab3d69bd071a3a

    • SHA1

      fef363e5680db20ffe13eac15092a0deb98492ec

    • SHA256

      45407220b71e139d1e851741eb586d7424ce7ec726e39a125669fa23f4c6598f

    • SHA512

      cc20a5e56063dfabd6b52aa24e51530da04a10a9f3a7ab0e327314f83f7d38754aed208632446dc222b1af0cabf20990ecfa1a0c635e7f6f7aeecb1a1d828d98

    • SSDEEP

      98304:XJm36qQN6mR38bMHjx7nggGRVewGPYnJLFiwKZ0NQsdUxNYJId:ZmKq1mFjkr+R8JLF8qdamId

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks