40e5d280224a67307e27cd42fff0d27d16245a6ac416cbd1991440524c71ef65 | Triage

Submit
Reports

Overview

overview

9

Static

static

7

074a084560...9e.exe

windows7-x64

9

074a084560...9e.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

074a084560866cb931465970623bea9e
Size

4.3MB
Sample

231229-3p1p1ahdhj
MD5

074a084560866cb931465970623bea9e
SHA1

3af929a01fc946b9f4fb5ce5f8e04ff8a068f10f
SHA256

40e5d280224a67307e27cd42fff0d27d16245a6ac416cbd1991440524c71ef65
SHA512

38a94f3989d532409feac7e2db00d3f507c261663ec310b4b2b30fba3e1e5c2485bf5e9b78e50dd7abecfb73189614f32670261b252a1648a3b3e8fa3f870fc4
SSDEEP

98304:Urg1QJHDLiW5AhF99xVVOI4hOxLPOHXwgmDEtZFZtoNfiL7:5yjF5Azr4WT8XY4aNKL7

Score

9^/10

evasion themida trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

074a084560866cb931465970623bea9e.exe

Resource

win7-20231215-en

evasion themida trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

074a084560866cb931465970623bea9e.exe

Resource

win10v2004-20231215-en

evasion themida trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  074a084560866cb931465970623bea9e
- Size
  
  4.3MB
- MD5
  
  074a084560866cb931465970623bea9e
- SHA1
  
  3af929a01fc946b9f4fb5ce5f8e04ff8a068f10f
- SHA256
  
  40e5d280224a67307e27cd42fff0d27d16245a6ac416cbd1991440524c71ef65
- SHA512
  
  38a94f3989d532409feac7e2db00d3f507c261663ec310b4b2b30fba3e1e5c2485bf5e9b78e50dd7abecfb73189614f32670261b252a1648a3b3e8fa3f870fc4
- SSDEEP
  
  98304:Urg1QJHDLiW5AhF99xVVOI4hOxLPOHXwgmDEtZFZtoNfiL7:5yjF5Azr4WT8XY4aNKL7
Score

9^/10

evasion themida trojan
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionthemidatrojan

behavioral2

evasionthemidatrojan

© 2018-2025

Terms | Privacy