lumma | c603a87cacf12026db4d215e466599ca52f495334eb78fb438aaaa834437f5f1 | Triage

Submit
Reports

Overview

overview

Static

static

Deadly Tea...oX.zip

windows10-2004-x64

9

Sharing

General

Target

Deadly Team and VBR Cracked by SobFoX.zip
Size

5.6MB
Sample

240426-bdbsysgf65
MD5

0e88574b3a438a440bcb6ff128c1ccd6
SHA1

f129feeee9950e9bc24954888ac80573d7839184
SHA256

c603a87cacf12026db4d215e466599ca52f495334eb78fb438aaaa834437f5f1
SHA512

e41ff983d76ad12ad98c25b2ce0cfe0620c22286548896bfb5d0172e573a9cb092d1439d5564733f3a99b62451ad95bdacb73b1fa2b19c21ef7873740e89fc33
SSDEEP

98304:KpLVv28w/9eROXezMjNwwiIekrPSqjrr7sVNu2MZPHaIU5zi5D8KbkFPlvj5LO3Q:KpL88Q9eYNO/qSqsN5MZPHaIU5zi51k1

Score

10^/10

lumma evasion themida

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

Deadly Team and VBR Cracked by SobFoX.zip

Resource

win10v2004-20240412-en

evasion themida

windows10-2004-x64

14 signatures

1200 seconds

Malware Config

Targets

- Target
  
  Deadly Team and VBR Cracked by SobFoX.zip
- Size
  
  5.6MB
- MD5
  
  0e88574b3a438a440bcb6ff128c1ccd6
- SHA1
  
  f129feeee9950e9bc24954888ac80573d7839184
- SHA256
  
  c603a87cacf12026db4d215e466599ca52f495334eb78fb438aaaa834437f5f1
- SHA512
  
  e41ff983d76ad12ad98c25b2ce0cfe0620c22286548896bfb5d0172e573a9cb092d1439d5564733f3a99b62451ad95bdacb73b1fa2b19c21ef7873740e89fc33
- SSDEEP
  
  98304:KpLVv28w/9eROXezMjNwwiIekrPSqjrr7sVNu2MZPHaIU5zi5D8KbkFPlvj5LO3Q:KpL88Q9eYNO/qSqsN5MZPHaIU5zi51k1
Score

9^/10

evasion themida
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

Remote System Discovery

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy