a964cc64cc16230fefb7e1cce143a05de3af1080f3b78b3b12caf7358306c0a9 | Triage

Submit
Reports

Overview

overview

9

Static

static

7

Deadly Tea...er.exe

windows7-x64

9

Deadly Tea...er.exe

windows10-2004-x64

9

Deadly Tea...ck.exe

windows7-x64

1

Deadly Tea...ck.exe

windows10-2004-x64

1

Deadly Tea...rt.cmd

windows7-x64

9

Deadly Tea...rt.cmd

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

Deadly_Team_Cracked-1.rar
Size

4.1MB
Sample

231106-rhvpmabf5x
MD5

aa038474f43addd98757ba31890bb75e
SHA1

8d91755f08d762b5c839141a7307bce6a3e11960
SHA256

a964cc64cc16230fefb7e1cce143a05de3af1080f3b78b3b12caf7358306c0a9
SHA512

a83eed7f9a24b96cb31c8e4eac06dc8fad9f393af182fc25e5ba509ff396e781d0b9ca0b8795c28aff3112ea25887320eb7864ef9eac694c986451a052bec7b6
SSDEEP

98304:DLHsG8tBARYg8TP1qTu12Kt+V/HoYOeivXDQeACkwPmwan10Z/YwAuldbA/:D4GPr8jsu1X4oYOPRACkwPk10cii

Score

9^/10

evasion themida trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Deadly Team Cracked/NewLoader.exe

Resource

win7-20231020-en

evasion themida trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

Deadly Team Cracked/NewLoader.exe

Resource

win10v2004-20231025-en

evasion themida trojan

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

Deadly Team Cracked/crack.exe

Resource

win7-20231020-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

Deadly Team Cracked/crack.exe

Resource

win10v2004-20231023-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

Deadly Team Cracked/start.cmd

Resource

win7-20231020-en

evasion themida

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral6

Sample

Deadly Team Cracked/start.cmd

Resource

win10v2004-20231023-en

evasion themida

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  Deadly Team Cracked/NewLoader.exe
- Size
  
  3.7MB
- MD5
  
  ee047cfbe1a3acdc0cebc24f16d98688
- SHA1
  
  8d41d61c43a3d9be86fe91a9bf0164d28e72ae51
- SHA256
  
  79758814c30b14f1b13735776684ed38935f198371e3d5ca8b5a2ac19d93f34d
- SHA512
  
  b46704a166afa57a597540b076cadab3af09471adf6d9d8484f1f307f74dd0aa642b7c5756e29536694dbb2afb496c44901017d12dec85be44990d139a2d40bd
- SSDEEP
  
  98304:RwgwzdfIVE1W8j5J5Rkdzx0BrDEGrV/ftsmtLchZK:R9wzV1L5/Rkdzx0BnZV/toW
Score

9^/10

evasion themida trojan
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2
- Target
  
  Deadly Team Cracked/crack.exe
- Size
  
  355KB
- MD5
  
  7a02082d24780c11ba2a3b27b41505f3
- SHA1
  
  f188f08d8faeace1d7415152dfc7c42c3299bc74
- SHA256
  
  107e4e58097ba6983e44961d3207e713998c26a072cae3304d7c6e038783e89d
- SHA512
  
  9c9c832357335e11649b5aba86337b574681fd825f80396062b2efa9c17a4f00f5de6d18e383a1dc3a6a97dac23dd9adb4e8329e71401eec0e5e2ef64ac8a5d6
- SSDEEP
  
  6144:TFzU0To0OYAN4+Aj/LWGOmEY3QCDpM9LmwAb4PFxDq0n2evYbPp28:tbTopFULL1OmErCDpOLmwA8n6evUB3
Score

1^/10
behavioral3 behavioral4
- Target
  
  Deadly Team Cracked/start.cmd
- Size
  
  326B
- MD5
  
  b904e5e6864101103bdefa1bfb0f431e
- SHA1
  
  cb291487777d50b302486e9054af59718a1059ec
- SHA256
  
  529e13219d6fba5523146e78061cec6bf44da74f78f851722149a72a964b1662
- SHA512
  
  56232e066208b480b5ab66e997c626396006def3b186392be361615d44dbc249402ac87c8768ee2e2087539500bb378e2ab8e9f84d9a6131bfcf6ff25a2638a7
Score

9^/10

evasion themida
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionthemidatrojan

behavioral2

evasionthemidatrojan

behavioral3

behavioral4

behavioral5

behavioral6

© 2018-2025

Terms | Privacy