Overview

overview

9

Static

static

7

0976777165...52.exe

windows7-x64

9

0976777165...52.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0976777165ba1d0a18ef9c08c0442352

  • Size

    6.3MB

  • Sample

    231225-gkyh7aaafp

  • MD5

    0976777165ba1d0a18ef9c08c0442352

  • SHA1

    fb258d967c7e4d07f0b9cde274cedc4c382174bd

  • SHA256

    e5bebaf23742c65d7aafe75077c439a9757f99fa5810057a97dd3e1bbd6e091e

  • SHA512

    960cda9f1979e73a86eaf65116623c726d879484c6b3b3999f0c9d4741bf69ee6faa07e0fbe1d6ee4feebdd0d84105a0927ed583401d45044aaf6b9343d0705f

  • SSDEEP

    98304:gJ34K8qiqtRxni6UCa29PdjnpU9OtHvXflm0Mq/LlxGBO61c1Zf8QvuCK6FPE20m:bK8qbtR0xC3VDpUC9MdO6MZk6+OE20

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      0976777165ba1d0a18ef9c08c0442352

    • Size

      6.3MB

    • MD5

      0976777165ba1d0a18ef9c08c0442352

    • SHA1

      fb258d967c7e4d07f0b9cde274cedc4c382174bd

    • SHA256

      e5bebaf23742c65d7aafe75077c439a9757f99fa5810057a97dd3e1bbd6e091e

    • SHA512

      960cda9f1979e73a86eaf65116623c726d879484c6b3b3999f0c9d4741bf69ee6faa07e0fbe1d6ee4feebdd0d84105a0927ed583401d45044aaf6b9343d0705f

    • SSDEEP

      98304:gJ34K8qiqtRxni6UCa29PdjnpU9OtHvXflm0Mq/LlxGBO61c1Zf8QvuCK6FPE20m:bK8qbtR0xC3VDpUC9MdO6MZk6+OE20

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks