ef87cdba26bdcf889b1baf0dc2a3117d0ce71b855554ca1156b691a0d098c138 | Triage

Submit
Reports

Overview

overview

9

Static

static

7

Inzector_p...ed.exe

windows11-21h2-x64

9

Resubmissions

24-08-2024 05:37

240824-gbckcswanc 9

Sharing

General

Target

Inzector_protected.exe
Size

8.6MB
Sample

240824-gbckcswanc
MD5

4c271e796d8a31aba3c2c4151638c4b2
SHA1

7b6062fd66bb6a76d1a844e5059b99bf909b8ea9
SHA256

ef87cdba26bdcf889b1baf0dc2a3117d0ce71b855554ca1156b691a0d098c138
SHA512

d462bcd81fc6ae803a8bf2bb7fc447ce7f6195796b5534bacc3d071cfba63ab0fc4a58e5d4f6458a36bc90c00050607835e81b7833bc8083bd8e214aecf501d2
SSDEEP

196608:IRRLD9pDfZFdAw/F4BsV8xsVbsKDn/kpy+vzClHAe8AExpLTG8D:6RTiwH82VbFDnMpzGaLAEH+8D

Score

9^/10

evasion themida trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Inzector_protected.exe

Resource

win11-20240802-en

evasion themida trojan

windows11-21h2-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  Inzector_protected.exe
- Size
  
  8.6MB
- MD5
  
  4c271e796d8a31aba3c2c4151638c4b2
- SHA1
  
  7b6062fd66bb6a76d1a844e5059b99bf909b8ea9
- SHA256
  
  ef87cdba26bdcf889b1baf0dc2a3117d0ce71b855554ca1156b691a0d098c138
- SHA512
  
  d462bcd81fc6ae803a8bf2bb7fc447ce7f6195796b5534bacc3d071cfba63ab0fc4a58e5d4f6458a36bc90c00050607835e81b7833bc8083bd8e214aecf501d2
- SSDEEP
  
  196608:IRRLD9pDfZFdAw/F4BsV8xsVbsKDn/kpy+vzClHAe8AExpLTG8D:6RTiwH82VbFDnMpzGaLAEH+8D
Score

9^/10

evasion themida trojan
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionthemidatrojan

© 2018-2025

Terms | Privacy