Overview

overview

9

Static

static

7

9a07d2cea2...0N.exe

windows7-x64

7

9a07d2cea2...0N.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    9a07d2cea2c4e4973d21023d41696f50N

  • Size

    3.3MB

  • Sample

    240829-b7vsxsxere

  • MD5

    9a07d2cea2c4e4973d21023d41696f50

  • SHA1

    07a1d6254d016b3b45abc04fa88589a0e0fb5bfd

  • SHA256

    59776511dc3a5d9922bf774227b8b9c641753f2c2652e26a4be687276ca59a50

  • SHA512

    fbf71ae48461648c4ab95cce381470cb3c052bb4ba2cdc4863f5a08c867363a340fea6bbf223d13ba9772eb8d99e38f0113614ba5a92e30e6bde555f4f2fa3ea

  • SSDEEP

    98304:i6kxpS3cJMaBHSKBFtBpi4FUPdiW8+ZLEx:i6krS3U19FtBj45Zgx

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      9a07d2cea2c4e4973d21023d41696f50N

    • Size

      3.3MB

    • MD5

      9a07d2cea2c4e4973d21023d41696f50

    • SHA1

      07a1d6254d016b3b45abc04fa88589a0e0fb5bfd

    • SHA256

      59776511dc3a5d9922bf774227b8b9c641753f2c2652e26a4be687276ca59a50

    • SHA512

      fbf71ae48461648c4ab95cce381470cb3c052bb4ba2cdc4863f5a08c867363a340fea6bbf223d13ba9772eb8d99e38f0113614ba5a92e30e6bde555f4f2fa3ea

    • SSDEEP

      98304:i6kxpS3cJMaBHSKBFtBpi4FUPdiW8+ZLEx:i6krS3U19FtBj45Zgx

    Score
    9/10
    themidaevasiontrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks