86d04cd48601528014a0781d1d491e033f88c7ef30d016103d5a8c4c04b07d3f | Triage

Submit
Reports

Overview

overview

Static

static

7

Release-x64 (1).zip

windows10-2004-x64

Resubmissions

15-06-2023 13:43

230615-q1ntcshd91 10

15-06-2023 13:40

230615-qy1edahe32 10

15-06-2023 12:34

230615-pr2s7agg72 10

Sharing

General

Target

Release-x64 (1).zip
Size

22.1MB
Sample

230615-qy1edahe32
MD5

02308f5d3fd4d0dca0b1b84409124693
SHA1

35f50b2cb9fe936037c8ddf9533d25598e1568ad
SHA256

86d04cd48601528014a0781d1d491e033f88c7ef30d016103d5a8c4c04b07d3f
SHA512

bb4e486e88deab530ef0109821b428166e7c6c444a76fe89ef4e5473c2766918ded17683600c68b5844e889b53fbe2d5c17ad0e505c1dc988854003f23cde547
SSDEEP

393216:uve5n24qm5ASHAep8IBz15m5l5ObLC4u54hXl87Vy4QO5X4Lfut6jA66k:uW124n5ASHAedBRkQLC4u54mVy4QO5XO

Score

10^/10

evasion themida

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Release-x64 (1).zip

Resource

win10v2004-20230221-en

evasion themida

windows10-2004-x64

10 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Release-x64 (1).zip
- Size
  
  22.1MB
- MD5
  
  02308f5d3fd4d0dca0b1b84409124693
- SHA1
  
  35f50b2cb9fe936037c8ddf9533d25598e1568ad
- SHA256
  
  86d04cd48601528014a0781d1d491e033f88c7ef30d016103d5a8c4c04b07d3f
- SHA512
  
  bb4e486e88deab530ef0109821b428166e7c6c444a76fe89ef4e5473c2766918ded17683600c68b5844e889b53fbe2d5c17ad0e505c1dc988854003f23cde547
- SSDEEP
  
  393216:uve5n24qm5ASHAep8IBz15m5l5ObLC4u54hXl87Vy4QO5X4Lfut6jA66k:uW124n5ASHAedBRkQLC4u54mVy4QO5XO
Score

10^/10

evasion themida
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy