Overview

overview

9

Static

static

7

honda.exe

windows7-x64

9

honda.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    honda.exe

  • Size

    12.6MB

  • Sample

    241119-tmm7fsyaje

  • MD5

    0fd93d95f5427314c472acf35a741bd8

  • SHA1

    82c4a03fc289ff7231a55c781838a07cf2cb3afd

  • SHA256

    cb8109d659672303e80f6666d566f8192f3134d3d67048e1a60ff3ace62c66f5

  • SHA512

    566a7036ccc924aee8b49b69c031b5e77ca85f4ff643db5c82e0ac9533a1a687c844858ae0de080dc29ecc6d74b95cc0eca50d7ccc8f158104e32d2dd241f518

  • SSDEEP

    196608:yL9vGiCff7yl3nCIjvDMjYeVa65nT84FMIZETSwjPePdrQJ/BGOqJ9Au5DYPF:yLdGiCbsSIrDMjPgQETSwvJEOqQYDQ

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      honda.exe

    • Size

      12.6MB

    • MD5

      0fd93d95f5427314c472acf35a741bd8

    • SHA1

      82c4a03fc289ff7231a55c781838a07cf2cb3afd

    • SHA256

      cb8109d659672303e80f6666d566f8192f3134d3d67048e1a60ff3ace62c66f5

    • SHA512

      566a7036ccc924aee8b49b69c031b5e77ca85f4ff643db5c82e0ac9533a1a687c844858ae0de080dc29ecc6d74b95cc0eca50d7ccc8f158104e32d2dd241f518

    • SSDEEP

      196608:yL9vGiCff7yl3nCIjvDMjYeVa65nT84FMIZETSwjPePdrQJ/BGOqJ9Au5DYPF:yLdGiCbsSIrDMjPgQETSwvJEOqQYDQ

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Loads dropped DLL

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks