Overview

overview

9

Static

static

7

Infamous Loader.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    Infamous.zip

  • Size

    40.5MB

  • Sample

    240715-swfy3azerf

  • MD5

    e15754c7992aa3f4cfb928e1d7ac6ffc

  • SHA1

    92f71ce5bf0d6c3c9796d9eaaf560e038fc10797

  • SHA256

    00cff30032b63893e4ab6aa8cf3e49cf03be5d05b5acfccddb4b1be0e5f195ae

  • SHA512

    1214d6c7500bc0fe8bc92966688c34185bcd39a1944fb4ba8d5707da6ab9cb37695790b8eef767f5989dbd30842b654e6318858026a98c09c9d1fb113031fffd

  • SSDEEP

    786432:swaoPCkiw9yn07mDemycjOxW77aDAkJBn8uB3M9PF7AmDEJvs242gQ26Gh:vaoKc0nPDfycCxW77T0B8uBcxAmD20tP

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      Infamous Loader.exe

    • Size

      40.5MB

    • MD5

      a155c124592f36de7cf7a8f09f72bdd4

    • SHA1

      eb54b3879149766a8595e61f28f33fc6b105ff10

    • SHA256

      1f30f7e7f72c794417147806070bf0ee56ee0ade03a392704168250d26b05a1e

    • SHA512

      242276430abc842fef8a0173136b5651657e121d059ca85f785cda5be726acd6503df83ca97c3549d47d490d6b37addc8d7c97e26ba5dfb3a0042cc935ac361a

    • SSDEEP

      786432:mwaoPCkiw9yn07mDemycjOxW77aDAkJBn8uB3M9PF7AmDEJvs242gQ26GC:ZaoKc0nPDfycCxW77T0B8uBcxAmD20tI

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks