General

  • Target

    thraxv2.exe

  • Size

    67.7MB

  • Sample

    240721-bj6khsscja

  • MD5

    b3d0ef6fc8dc355c3a148cb525764d4d

  • SHA1

    c6b2074bf3420ae87e1bdc8d06142ce64f82c079

  • SHA256

    d26aab0090481d1574b23585ada561c89585a0d370b413ca8a326eb0a09d8d60

  • SHA512

    8503cf68b21a006449e6714b820cdf3105d8fca6b1cbd4d9d1be917dc8129b0a7e52f32a84369f326d8eded40685e8af6e1cd6ae55e1aeadfcfe942706614206

  • SSDEEP

    1572864:AYc12jESlHVCSuxLlQhmqpNxnvOJ+egZ1CBDlvQL:Tc2EoehQNxvpmlg

Score
8/10

Targets

    • Target

      thraxv2.exe

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger
