Overview

overview

9

Static

static

7

42e04dfd67...16.exe

windows7-x64

9

42e04dfd67...16.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    42e04dfd67648f7c95d694298e3f3016

  • Size

    2.8MB

  • Sample

    240105-f6fd3abge3

  • MD5

    42e04dfd67648f7c95d694298e3f3016

  • SHA1

    3d495c8c83e719c66de7046cc2efbf7baeea0ed2

  • SHA256

    02c16fbc286c4d9291592795091d4d42e5090390157f57892235c5661a78d471

  • SHA512

    d7a48832020e2ee4d95945a31c77c18c8d6cb609e0e84dfd9c282f91d8ae543329c912f0088b521e5e48f24bb586e7317e5a9c1ca98bd14785c10168ab8c14e6

  • SSDEEP

    49152:W4gNHTn5FpZyv6UJIlHkJGX/gfmntexQK9H4ksSZAyW942iLeUL9tU+WUuEft9v:WNNFpWJwxg1V4kspyyvrsDke9v

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      42e04dfd67648f7c95d694298e3f3016

    • Size

      2.8MB

    • MD5

      42e04dfd67648f7c95d694298e3f3016

    • SHA1

      3d495c8c83e719c66de7046cc2efbf7baeea0ed2

    • SHA256

      02c16fbc286c4d9291592795091d4d42e5090390157f57892235c5661a78d471

    • SHA512

      d7a48832020e2ee4d95945a31c77c18c8d6cb609e0e84dfd9c282f91d8ae543329c912f0088b521e5e48f24bb586e7317e5a9c1ca98bd14785c10168ab8c14e6

    • SSDEEP

      49152:W4gNHTn5FpZyv6UJIlHkJGX/gfmntexQK9H4ksSZAyW942iLeUL9tU+WUuEft9v:WNNFpWJwxg1V4kspyyvrsDke9v

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks