Overview

overview

9

Static

static

7

GoodLUCKK.exe

windows10-2004-x64

Resubmissions

31-05-2024 01:37

240531-b1tmaaac7x 9

31-05-2024 01:33

240531-byjdjaab5w 9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    GoodLUCKK.exe

  • Size

    3.6MB

  • Sample

    240531-byjdjaab5w

  • MD5

    f030f259a0701ab0194f6788b9ad80f0

  • SHA1

    05349f6ebadf90cc9c24e850c2b1f23683cba06a

  • SHA256

    d1e47e37afc54aded04650b08ff29a1c504c1f9ffa590dc982b9d332b16dcb02

  • SHA512

    d36d63053043c8aa150c8e6592dc8f71d40ab1875a4d774a85d4aeeeba3d8c9de13d3f154473cbe272067119f13a6f9d070df7c9defdc7d7cbce70e014a65597

  • SSDEEP

    49152:ThyJyCyUSJFnpmvysSyT8qMgiFmkJ7VZnB/IwK5fRlYwxycjdFtFMOgjbs7qLSo2:loyCybpm68sD0wKvVjdFEjbs2L8ynhnI

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      GoodLUCKK.exe

    • Size

      3.6MB

    • MD5

      f030f259a0701ab0194f6788b9ad80f0

    • SHA1

      05349f6ebadf90cc9c24e850c2b1f23683cba06a

    • SHA256

      d1e47e37afc54aded04650b08ff29a1c504c1f9ffa590dc982b9d332b16dcb02

    • SHA512

      d36d63053043c8aa150c8e6592dc8f71d40ab1875a4d774a85d4aeeeba3d8c9de13d3f154473cbe272067119f13a6f9d070df7c9defdc7d7cbce70e014a65597

    • SSDEEP

      49152:ThyJyCyUSJFnpmvysSyT8qMgiFmkJ7VZnB/IwK5fRlYwxycjdFtFMOgjbs7qLSo2:loyCybpm68sD0wKvVjdFEjbs2L8ynhnI

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks