Overview

overview

9

Static

static

7

Sketv2.exe

windows7-x64

9

Sketv2.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Sketv2.exe

  • Size

    30.6MB

  • Sample

    240919-fk53lascll

  • MD5

    e339d5f89f5374be972675621877cee7

  • SHA1

    d9e2da950f7c35cc85254ebe03aaa8df223768a4

  • SHA256

    8be2e0c29d544fa6ced88103491996f6f7c1767da066b43b14a827df1dc436c6

  • SHA512

    271cf3cbc09eac1ea088aed63c8c01272b5defee13d89a3d25c87ed802514d70573f2f4bc59d3892402e74e3d6df6ca2d627d26804e09e9b3d4250b70b2ba22a

  • SSDEEP

    786432:JAaPyJ3caNLZg9k4EYNoiZrNf8e9bV3TCPpBLxwJx:JAaPA3rYoeNfbxVDkrwJx

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      Sketv2.exe

    • Size

      30.6MB

    • MD5

      e339d5f89f5374be972675621877cee7

    • SHA1

      d9e2da950f7c35cc85254ebe03aaa8df223768a4

    • SHA256

      8be2e0c29d544fa6ced88103491996f6f7c1767da066b43b14a827df1dc436c6

    • SHA512

      271cf3cbc09eac1ea088aed63c8c01272b5defee13d89a3d25c87ed802514d70573f2f4bc59d3892402e74e3d6df6ca2d627d26804e09e9b3d4250b70b2ba22a

    • SSDEEP

      786432:JAaPyJ3caNLZg9k4EYNoiZrNf8e9bV3TCPpBLxwJx:JAaPA3rYoeNfbxVDkrwJx

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks