Overview

overview

9

Static

static

7

49578c53eb...15.exe

windows7-x64

9

49578c53eb...15.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    49578c53ebec5b264bcff7f904216015

  • Size

    2.8MB

  • Sample

    240107-sr7wzshfdm

  • MD5

    49578c53ebec5b264bcff7f904216015

  • SHA1

    e0cb0e2bf73410fa726e0eba7419f1fac0555eb2

  • SHA256

    102b0d7ad78b95f0374815e1037e1ce3064ab282116e6fe34c1ef6c7bda06dce

  • SHA512

    be089d9641268a92f9b21c8c50b04707cc09acba23d76551e3753795c906da7755ad327441a36ce8d8522ee2bb0375ad2b65868bc9ff533310a883d66020965f

  • SSDEEP

    49152:2n6FI+QYgDAfysSyvChkxqlpS0RaY7l5skEXQ8exVsOY+4LGGSlhK05tVJ:E6FRQmasG3aclqk78exVXiuFH

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      49578c53ebec5b264bcff7f904216015

    • Size

      2.8MB

    • MD5

      49578c53ebec5b264bcff7f904216015

    • SHA1

      e0cb0e2bf73410fa726e0eba7419f1fac0555eb2

    • SHA256

      102b0d7ad78b95f0374815e1037e1ce3064ab282116e6fe34c1ef6c7bda06dce

    • SHA512

      be089d9641268a92f9b21c8c50b04707cc09acba23d76551e3753795c906da7755ad327441a36ce8d8522ee2bb0375ad2b65868bc9ff533310a883d66020965f

    • SSDEEP

      49152:2n6FI+QYgDAfysSyvChkxqlpS0RaY7l5skEXQ8exVsOY+4LGGSlhK05tVJ:E6FRQmasG3aclqk78exVXiuFH

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks