Overview

overview

9

Static

static

7

Vape_Lite.exe

windows7-x64

9

Vape_Lite.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    Vape_Lite.exe

  • Size

    6.6MB

  • Sample

    230902-la3sdabf7w

  • MD5

    3459f3a3d65fa445d1eb52611ac55f6c

  • SHA1

    135c835edfeec60e41bc1b24f1a10ad7a86c9a00

  • SHA256

    9c85d76526d585038392e1af504886580d096e9646de2907b73feab521920944

  • SHA512

    1dbf42476304cefd859754f1d8219c0b37cc5b2885527f874245a37df5e1145dbcc1ff1ce34bdf0fa47df8a503e37244ff07a37bb92e8f2514533d8a89926d8b

  • SSDEEP

    98304:MsRRwjPcDZ3IFTbWJ6tWUQSPZyq2XOD6gwosVvC8pQ6TYupGFBUMnEB:MsRKjkNcyDVSROtgwJVvHjTrUIMni

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      Vape_Lite.exe

    • Size

      6.6MB

    • MD5

      3459f3a3d65fa445d1eb52611ac55f6c

    • SHA1

      135c835edfeec60e41bc1b24f1a10ad7a86c9a00

    • SHA256

      9c85d76526d585038392e1af504886580d096e9646de2907b73feab521920944

    • SHA512

      1dbf42476304cefd859754f1d8219c0b37cc5b2885527f874245a37df5e1145dbcc1ff1ce34bdf0fa47df8a503e37244ff07a37bb92e8f2514533d8a89926d8b

    • SSDEEP

      98304:MsRRwjPcDZ3IFTbWJ6tWUQSPZyq2XOD6gwosVvC8pQ6TYupGFBUMnEB:MsRKjkNcyDVSROtgwJVvHjTrUIMni

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks