Overview

overview

9

Static

static

7

modest-menu.exe

windows7-x64

9

modest-menu.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    modest-menu.exe

  • Size

    16.6MB

  • Sample

    240823-zb49gsvdjb

  • MD5

    8734cb11cf7a85b52ad4febf9e7599e9

  • SHA1

    305c6a73d8e8690f84a1c3da01f64cf745b15af0

  • SHA256

    46e9fc89c3dac162635794c54300f77b661a870562aec4fdf2ea56a0c86f42c6

  • SHA512

    c8205874bced0c4f4de1870ac928d8138d5051307b69dab1edca539b3574ded7b267eb70bfecc50656b41a8abb6f8306fbca64f0d350832fa8ea7b47aedf25a4

  • SSDEEP

    393216:tZovfvKZMsGirYu+ckzfiRCPCaYn+d26v6eg3u/d+/bHuRST:tiXvp/vpckzfiUgwS+/dwiRST

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      modest-menu.exe

    • Size

      16.6MB

    • MD5

      8734cb11cf7a85b52ad4febf9e7599e9

    • SHA1

      305c6a73d8e8690f84a1c3da01f64cf745b15af0

    • SHA256

      46e9fc89c3dac162635794c54300f77b661a870562aec4fdf2ea56a0c86f42c6

    • SHA512

      c8205874bced0c4f4de1870ac928d8138d5051307b69dab1edca539b3574ded7b267eb70bfecc50656b41a8abb6f8306fbca64f0d350832fa8ea7b47aedf25a4

    • SSDEEP

      393216:tZovfvKZMsGirYu+ckzfiRCPCaYn+d26v6eg3u/d+/bHuRST:tiXvp/vpckzfiUgwS+/dwiRST

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks