96349b4ca999a16f0e3b2159c41d25685e3dca999322b3a29b25369a24f63ed1 | Triage

Submit
Reports

Overview

overview

9

Static

static

7

modest-menu.exe

windows10-1703-x64

9

Sharing

General

Target

modest-menu_v0.9.8_(Kiddionsmodmenu.com)_.zip
Size

15.3MB
Sample

230320-y1ybssfc33
MD5

af9c9de33a29273cae626d0f17969783
SHA1

dbd02372275e226a5bc98d3f40e59e217caf4a14
SHA256

96349b4ca999a16f0e3b2159c41d25685e3dca999322b3a29b25369a24f63ed1
SHA512

c5853928e27029c653d036e096cc5add55a32fc22d760e35fe20271e36d4e5bce4edc17be41f87b05ccd2de886c1222ed390040e4e767b4a6fc32ea8e1ed275b
SSDEEP

393216:SppNV85+fjQdAYnLHbcnM/tIMZTLmhvnq6LuuRopdp3vVoJocfx:cYkcdAcLHbcnM/t5Wh/6HpdpdoScfx

Score

9^/10

evasion themida trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

modest-menu.exe

Resource

win10-20230220-en

evasion themida trojan

windows10-1703-x64

10 signatures

60 seconds

Malware Config

Targets

- Target
  
  modest-menu.exe
- Size
  
  15.3MB
- MD5
  
  af6b000cca334405709a7a45f07b1788
- SHA1
  
  57c2502d8ca01a6da5b7ab4e61f857e9e0fd40f8
- SHA256
  
  0a03f7b518d5bc76cf58e1bfaad2b6840262b494553626c3727acbb8bd70cb91
- SHA512
  
  5dcfefd3dd7111fad2b96cad039a0aa3ea388d1666b20a2ada004c05658171b52b26d699b77564031960505c02cdaf440c66c2694d33ead970fe6fcd8b299b5e
- SSDEEP
  
  393216:9FESY8FS6GWgq2pyqNqfMgpcbVTv1OGOSHC84uza:DESYUS6GPqqNqUvToGOSHC8w
Score

9^/10

evasion themida trojan
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionthemidatrojan

© 2018-2024

Terms | Privacy