Overview

overview

9

Static

static

7

PoseidonLauncher.exe

windows7-x64

9

PoseidonLauncher.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    141s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    26/05/2024, 16:13

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    PoseidonLauncher.exe

  • Size

    8.3MB

  • MD5

    1726cc919807c2ec45d387dc9c414fc0

  • SHA1

    8b795fbda3b933f89d2fa13f2674649ddbc7abed

  • SHA256

    89a70543929e782c5c76770c9db1c2c749fa2fdf877442ca208b83c737b81abf

  • SHA512

    2cff9fa0ae3e06ff7216aff58409aa4cf38a000f6c242347e8906c780e87523b92bbb8a5a23e06b1d150356583e588549c79af3c6731bc188fa676e31ac60164

  • SSDEEP

    196608:CuxijB/LjJ8mj05U8DWXEqoGdf0dk9pYQAIwNwy1CHUE58:CuxiV/Ll8mA5sEqoIa/hNwyw0c8

Score
9/10
evasionthemidatrojan

Malware Config

Signatures

  • Identifies VirtualBox via ACPI registry values (likely anti-VM) 2 TTPs 1 IoCs
    evasion
  • Downloads MZ/PE file
  • Checks BIOS information in registry 2 TTPs 2 IoCs

    BIOS information is often read in order to detect sandboxing environments.

  • Themida packer 24 IoCs

    Detects Themida, an advanced Windows software protection system.

    themida
  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\PoseidonLauncher.exe
    "C:\Users\Admin\AppData\Local\Temp\PoseidonLauncher.exe"
    1⤵
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)
    • Checks BIOS information in registry
    • Checks whether UAC is enabled
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2912

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2912-0-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-1-0x000007FEFDAE3000-0x000007FEFDAE4000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2912-2-0x000007FEFDAD0000-0x000007FEFDB3C000-memory.dmp

          Filesize

          432KB

          Download

        • memory/2912-3-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-6-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-8-0x0000000180000000-0x0000000180071000-memory.dmp

          Filesize

          452KB

          Download

        • memory/2912-5-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-4-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-7-0x0000000180000000-0x0000000180071000-memory.dmp

          Filesize

          452KB

          Download

        • memory/2912-16-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-17-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-15-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-14-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-47-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-48-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-50-0x000007FEFDAE3000-0x000007FEFDAE4000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2912-49-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-51-0x000007FEFDAD0000-0x000007FEFDB3C000-memory.dmp

          Filesize

          432KB

          Download

        • memory/2912-52-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-53-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-54-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-55-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-56-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-57-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-58-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-59-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-60-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-61-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-62-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download

        • memory/2912-63-0x000000013FE70000-0x0000000141506000-memory.dmp

          Filesize

          22.6MB

          Download