86d04cd48601528014a0781d1d491e033f88c7ef30d016103d5a8c4c04b07d3f | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

7

Release-x64 (1).zip

windows10-2004-x64

Resubmissions

15/06/2023, 13:43 UTC

230615-q1ntcshd91 10

15/06/2023, 13:40 UTC

230615-qy1edahe32 10

15/06/2023, 12:34 UTC

230615-pr2s7agg72 10

Sharing

General

Target

Release-x64 (1).zip
Size

22.1MB
Sample

230615-qy1edahe32
MD5

02308f5d3fd4d0dca0b1b84409124693
SHA1

35f50b2cb9fe936037c8ddf9533d25598e1568ad
SHA256

86d04cd48601528014a0781d1d491e033f88c7ef30d016103d5a8c4c04b07d3f
SHA512

bb4e486e88deab530ef0109821b428166e7c6c444a76fe89ef4e5473c2766918ded17683600c68b5844e889b53fbe2d5c17ad0e505c1dc988854003f23cde547
SSDEEP

393216:uve5n24qm5ASHAep8IBz15m5l5ObLC4u54hXl87Vy4QO5X4Lfut6jA66k:uW124n5ASHAedBRkQLC4u54mVy4QO5XO

Score

10^/10

evasion themida

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Release-x64 (1).zip

Resource

win10v2004-20230221-en

evasion themida

windows10-2004-x64

10 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Release-x64 (1).zip
- Size
  
  22.1MB
- MD5
  
  02308f5d3fd4d0dca0b1b84409124693
- SHA1
  
  35f50b2cb9fe936037c8ddf9533d25598e1568ad
- SHA256
  
  86d04cd48601528014a0781d1d491e033f88c7ef30d016103d5a8c4c04b07d3f
- SHA512
  
  bb4e486e88deab530ef0109821b428166e7c6c444a76fe89ef4e5473c2766918ded17683600c68b5844e889b53fbe2d5c17ad0e505c1dc988854003f23cde547
- SSDEEP
  
  393216:uve5n24qm5ASHAep8IBz15m5l5ObLC4u54hXl87Vy4QO5X4Lfut6jA66k:uW124n5ASHAedBRkQLC4u54mVy4QO5XO
Score

10^/10

evasion themida
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.