Overview

overview

9

Static

static

7

goldgoldog...gl.exe

windows7-x64

9

goldgoldog...gl.exe

windows10-2004-x64

9

Resubmissions

28-04-2024 01:33

240428-byl5esdb52 9

28-04-2024 01:29

240428-bwmm6sdd6y 9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    goldgoldogldolgoldoglgoldfoldgoldogl.exe

  • Size

    5.7MB

  • Sample

    240428-bwmm6sdd6y

  • MD5

    d1537172b59fb75bc967366a7753c09a

  • SHA1

    b425193c73307efb699d35aa2fae1342870a7dd1

  • SHA256

    88595ad1c40c4faca9fbd5e6ca7b9a6362528fdbfa81d73334a9c1ce76beaeeb

  • SHA512

    0c13c4da8369c351fdf00ab41c6b105e9eaf59352b914e762da5c5d5c648d579527d26c7c45d38f804f931565fc9f46e01b7ceb7f498f5a34cc0f44d072bf132

  • SSDEEP

    98304:h/WMW3SID8VwnLrzpKIXW1gnHjDwkCjM59H:gMW3WVWzpKIJH3wkCjM59H

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      goldgoldogldolgoldoglgoldfoldgoldogl.exe

    • Size

      5.7MB

    • MD5

      d1537172b59fb75bc967366a7753c09a

    • SHA1

      b425193c73307efb699d35aa2fae1342870a7dd1

    • SHA256

      88595ad1c40c4faca9fbd5e6ca7b9a6362528fdbfa81d73334a9c1ce76beaeeb

    • SHA512

      0c13c4da8369c351fdf00ab41c6b105e9eaf59352b914e762da5c5d5c648d579527d26c7c45d38f804f931565fc9f46e01b7ceb7f498f5a34cc0f44d072bf132

    • SSDEEP

      98304:h/WMW3SID8VwnLrzpKIXW1gnHjDwkCjM59H:gMW3WVWzpKIJH3wkCjM59H

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks