Overview

overview

9

Static

static

7

Prax.dll

windows11-21h2-x64

Resubmissions

12-05-2024 17:11

240512-vqm7asff7v 9

12-05-2024 17:11

240512-vqej6aff6s 7

12-05-2024 17:10

240512-vp12rsff4y 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Prax.dll

  • Size

    8.3MB

  • Sample

    240512-vqm7asff7v

  • MD5

    b381fe02377903a1a88a179e88f7fedb

  • SHA1

    e91c0faf351deca21db1d8c6082409fe18e15d27

  • SHA256

    360c17322f2603a7679edfd80fafbabb85074ba0b485efd489dd04da4d75f3a5

  • SHA512

    e965c723af577c4978d8623f2a1668cef167b8cd9ef6f1524622a80bdfb708bc6151ee575dde99154a5f694262d231e0b50fb7cd4929e6d922c3db872f60ec23

  • SSDEEP

    98304:r7gbv3Z8p+VC4Ej2BucGCMhlFfc6jdvM6FzVOfuGDc0pIZCCS0yCvyA9:fgbvdxEjwurhlFjjdvhzOfXA0pNd89

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      Prax.dll

    • Size

      8.3MB

    • MD5

      b381fe02377903a1a88a179e88f7fedb

    • SHA1

      e91c0faf351deca21db1d8c6082409fe18e15d27

    • SHA256

      360c17322f2603a7679edfd80fafbabb85074ba0b485efd489dd04da4d75f3a5

    • SHA512

      e965c723af577c4978d8623f2a1668cef167b8cd9ef6f1524622a80bdfb708bc6151ee575dde99154a5f694262d231e0b50fb7cd4929e6d922c3db872f60ec23

    • SSDEEP

      98304:r7gbv3Z8p+VC4Ej2BucGCMhlFfc6jdvM6FzVOfuGDc0pIZCCS0yCvyA9:fgbvdxEjwurhlFjjdvhzOfXA0pNd89

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks