Overview

overview

9

Static

static

7

Inzector_p...ed.exe

windows7-x64

9

Inzector_p...ed.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Inzector_protected.exe

  • Size

    8.6MB

  • Sample

    240824-f8jt9svhkf

  • MD5

    4c271e796d8a31aba3c2c4151638c4b2

  • SHA1

    7b6062fd66bb6a76d1a844e5059b99bf909b8ea9

  • SHA256

    ef87cdba26bdcf889b1baf0dc2a3117d0ce71b855554ca1156b691a0d098c138

  • SHA512

    d462bcd81fc6ae803a8bf2bb7fc447ce7f6195796b5534bacc3d071cfba63ab0fc4a58e5d4f6458a36bc90c00050607835e81b7833bc8083bd8e214aecf501d2

  • SSDEEP

    196608:IRRLD9pDfZFdAw/F4BsV8xsVbsKDn/kpy+vzClHAe8AExpLTG8D:6RTiwH82VbFDnMpzGaLAEH+8D

Score
9/10
discoveryevasionthemidatrojan

Malware Config

Targets

    • Target

      Inzector_protected.exe

    • Size

      8.6MB

    • MD5

      4c271e796d8a31aba3c2c4151638c4b2

    • SHA1

      7b6062fd66bb6a76d1a844e5059b99bf909b8ea9

    • SHA256

      ef87cdba26bdcf889b1baf0dc2a3117d0ce71b855554ca1156b691a0d098c138

    • SHA512

      d462bcd81fc6ae803a8bf2bb7fc447ce7f6195796b5534bacc3d071cfba63ab0fc4a58e5d4f6458a36bc90c00050607835e81b7833bc8083bd8e214aecf501d2

    • SSDEEP

      196608:IRRLD9pDfZFdAw/F4BsV8xsVbsKDn/kpy+vzClHAe8AExpLTG8D:6RTiwH82VbFDnMpzGaLAEH+8D

    Score
    9/10
    evasionthemidatrojandiscovery

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks