d98b023993c40643ea76dde7209fc693af2bc7e07eaf9f9b6bedac12bc920ec2 | Triage

Submit
Reports

Overview

overview

9

Static

static

7

updater.exe

windows11-21h2-x64

9

Sharing

General

Target

updater.exe
Size

4.8MB
Sample

240410-jjnzgabe4t
MD5

37ef70bafb1b6928975fede40c0277a1
SHA1

e4c818bba1a8bb45cf9625e7c2b77918019650b0
SHA256

d98b023993c40643ea76dde7209fc693af2bc7e07eaf9f9b6bedac12bc920ec2
SHA512

84f65948a91f6d851ca43a3dfe346d357b59ce422d8f206f7850da1e10fb75916331c2452fd6b18ca000b2b7529f49094a34abb6b42551dca9a99b831161be48
SSDEEP

98304:m6+l6GqXjKZYKiE7PJVt/HgTOLPnABBmyJ56EW7bFyfdHB3aMcAY+:m6oqXj65iaRb/ATyrJEMRAHB3sg

Score

9^/10

evasion themida trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

updater.exe

Resource

win11-20240221-en

evasion themida trojan

windows11-21h2-x64

11 signatures

60 seconds

Malware Config

Targets

- Target
  
  updater.exe
- Size
  
  4.8MB
- MD5
  
  37ef70bafb1b6928975fede40c0277a1
- SHA1
  
  e4c818bba1a8bb45cf9625e7c2b77918019650b0
- SHA256
  
  d98b023993c40643ea76dde7209fc693af2bc7e07eaf9f9b6bedac12bc920ec2
- SHA512
  
  84f65948a91f6d851ca43a3dfe346d357b59ce422d8f206f7850da1e10fb75916331c2452fd6b18ca000b2b7529f49094a34abb6b42551dca9a99b831161be48
- SSDEEP
  
  98304:m6+l6GqXjKZYKiE7PJVt/HgTOLPnABBmyJ56EW7bFyfdHB3aMcAY+:m6oqXj65iaRb/ATyrJEMRAHB3sg
Score

9^/10

evasion themida trojan
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionthemidatrojan

© 2018-2025

Terms | Privacy