Resubmissions

19/05/2024, 20:44

240519-zjlgcahb6t 9

19/05/2024, 20:43

240519-zh3z1agh99 3

General

  • Target

    Themida v3.1.8.0.zip

  • Size

    61.8MB

  • Sample

    240519-zjlgcahb6t

  • MD5

    d2c3f03074805cf7ce4f909d308496aa

  • SHA1

    095e84046c7d4c06d2614a6fc965f3ed1dc33c0b

  • SHA256

    ae4d2c72d916bb5f3a8b8a5e58008f350e4b34d6dde37084d05ac592580a698d

  • SHA512

    dbe3a63cfc0e45f21f9cc36274c301a208272f8986f5004b6a85eeeedbe73f1ab2deb350a38975f6a0bd6dd6ef23e892f4e614ab4861516da7d50895281f9034

  • SSDEEP

    1572864:zwGCfYhHz4SM4Tplv5cJjJIb/iDlikLOnU4/jxn7EdaIP21V:kGCAZz4SMkpjwqsikSU4/j5YgIu1V

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks