Overview

overview

9

Static

static

7

Infamous.zip

windows10-2004-x64

9

Resubmissions

15/07/2024, 15:33

240715-szhl3axdrr 7

15/07/2024, 15:30

240715-sxwqxaxdmj 9

Sharing

Copy URL Twitter E-mail

General

  • Target

    Infamous.zip

  • Size

    40.5MB

  • Sample

    240715-sxwqxaxdmj

  • MD5

    e15754c7992aa3f4cfb928e1d7ac6ffc

  • SHA1

    92f71ce5bf0d6c3c9796d9eaaf560e038fc10797

  • SHA256

    00cff30032b63893e4ab6aa8cf3e49cf03be5d05b5acfccddb4b1be0e5f195ae

  • SHA512

    1214d6c7500bc0fe8bc92966688c34185bcd39a1944fb4ba8d5707da6ab9cb37695790b8eef767f5989dbd30842b654e6318858026a98c09c9d1fb113031fffd

  • SSDEEP

    786432:swaoPCkiw9yn07mDemycjOxW77aDAkJBn8uB3M9PF7AmDEJvs242gQ26Gh:vaoKc0nPDfycCxW77T0B8uBcxAmD20tP

Score
9/10
evasionthemida

Malware Config

Targets

    • Target

      Infamous.zip

    • Size

      40.5MB

    • MD5

      e15754c7992aa3f4cfb928e1d7ac6ffc

    • SHA1

      92f71ce5bf0d6c3c9796d9eaaf560e038fc10797

    • SHA256

      00cff30032b63893e4ab6aa8cf3e49cf03be5d05b5acfccddb4b1be0e5f195ae

    • SHA512

      1214d6c7500bc0fe8bc92966688c34185bcd39a1944fb4ba8d5707da6ab9cb37695790b8eef767f5989dbd30842b654e6318858026a98c09c9d1fb113031fffd

    • SSDEEP

      786432:swaoPCkiw9yn07mDemycjOxW77aDAkJBn8uB3M9PF7AmDEJvs242gQ26Gh:vaoKc0nPDfycCxW77T0B8uBcxAmD20tP

    Score
    9/10
    evasionthemida

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks