Overview

overview

9

Static

static

7

nyxia exte...al.exe

windows11-21h2-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    nyxia_external_1.1.zip

  • Size

    3.3MB

  • Sample

    240608-y5me4agd72

  • MD5

    7ab539fce2f9bccb8f96dc1ff7fc902f

  • SHA1

    2735a9cf211e89c8122844fff0bfd8365a6fec8c

  • SHA256

    1058539da467b55df4c38cb6483dc9d3e59cb75034f69006a184376b1c206d66

  • SHA512

    df0574cbc8bc46f5bc14e2a87ebd058d1b52c5706c10d0972e9c61e6ecfeba0bb80189543f548dce82f09d70455bab9b9a4b421325d401db6d3dd9db89be24a4

  • SSDEEP

    98304:2XYiyeHcda88+/sT+t9K9FODaD1HRmI82yAj9:2Ijgc08/vKvODA1gI8HAj9

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      nyxia external 1.1/nyxia external.exe

    • Size

      3.3MB

    • MD5

      51393a0442f9c01f59a597b1218887c8

    • SHA1

      2b48afc21ab4a30dd6b8ce4d8907c9062fb4d95c

    • SHA256

      19bddef132af20da74c89fb263b1ae89f9762eba06382e69cccdfc9048e45917

    • SHA512

      f492083b0b3cb86b4367da9fd7040b49de9d9643fef7f61b77815f761b0bec9eae3a61fdebe549ff1f9cf97c8b53cd7f7c44df4501f9a0f9baca87b502ac9de2

    • SSDEEP

      49152:ZPk827hGqT5yCL8FBo+IvuxVDK5rdynF4hNhLus6E9ku/8vpsS2vaovBlZ58aotR:Z88ypGOV0sPuvpsSIaM50tZjlBtB4I

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks