9d9b5187ce3d32ba2d6c1d7f0e3e773ae4ae8886350e7abbbc2aea15d9c8af82 | Triage

Submit
Reports

Overview

overview

9

Static

static

7

kyle cracking.rar

windows7-x64

3

kyle cracking.rar

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

kyle cracking.rar
Size

7.9MB
Sample

240921-cbazbazdmp
MD5

c098533414fd886dc4a2a473d2fef1fd
SHA1

5a70c788c53c83559d3aa6841532e4046753dd25
SHA256

9d9b5187ce3d32ba2d6c1d7f0e3e773ae4ae8886350e7abbbc2aea15d9c8af82
SHA512

a8923872a6e9676654dd17ee9cf977f10174cce5412a995c200f91762d329d0b09e8f31ab9f94d4e81857b518b535fbf1d2c4e6d56bcb23adacb3dd82c016366
SSDEEP

196608:FU2TZ2pWWhoLoUVl0lSY9DOLAZ/OLA4FGGgy:pINO8zh/F/O/gy

Score

9^/10

discovery evasion themida trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

kyle cracking.rar

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

kyle cracking.rar

Resource

win10v2004-20240802-en

discovery evasion themida trojan

windows10-2004-x64

18 signatures

150 seconds

Malware Config

Targets

- Target
  
  kyle cracking.rar
- Size
  
  7.9MB
- MD5
  
  c098533414fd886dc4a2a473d2fef1fd
- SHA1
  
  5a70c788c53c83559d3aa6841532e4046753dd25
- SHA256
  
  9d9b5187ce3d32ba2d6c1d7f0e3e773ae4ae8886350e7abbbc2aea15d9c8af82
- SHA512
  
  a8923872a6e9676654dd17ee9cf977f10174cce5412a995c200f91762d329d0b09e8f31ab9f94d4e81857b518b535fbf1d2c4e6d56bcb23adacb3dd82c016366
- SSDEEP
  
  196608:FU2TZ2pWWhoLoUVl0lSY9DOLAZ/OLA4FGGgy:pINO8zh/F/O/gy
Score

9^/10

discovery evasion themida trojan
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Loads dropped DLL
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasionthemidatrojan

© 2018-2025

Terms | Privacy