6ad75992217a3b28bc5fe875016f8d13d83ac56730022b03341afb478179bbfa | Triage

Submit
Reports

Overview

overview

9

Static

static

7

YErb4fob3Z...yb.exe

windows10-2004-x64

9

Sharing

General

Target

YErb4fob3Zfa9s0ACYtpUHgyb.exe
Size

5.1MB
Sample

240630-zxyzlayeqq
MD5

4eeb4851e21eb25d0b1532c75bc5d983
SHA1

c8c33cf9e2fa02402f06abd4d790e920146da60b
SHA256

6ad75992217a3b28bc5fe875016f8d13d83ac56730022b03341afb478179bbfa
SHA512

ca1d331175bd172811c255e98badd8244397b048454e736a94b4e2fd0cca4ab3455c3603a5953c3e26cec7493fdf23099126cd2808102c61d599d01d0ddc358e
SSDEEP

98304:dBb0vjPesuu2bphf6mXUljWBFAn29uzvBknCLpNoSm0fy5nq:/bATunfZXU9WB/9uzKny0q

Score

9^/10

evasion themida trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

YErb4fob3Zfa9s0ACYtpUHgyb.exe

Resource

win10v2004-20240508-en

evasion themida trojan

windows10-2004-x64

9 signatures

300 seconds

Malware Config

Targets

- Target
  
  YErb4fob3Zfa9s0ACYtpUHgyb.exe
- Size
  
  5.1MB
- MD5
  
  4eeb4851e21eb25d0b1532c75bc5d983
- SHA1
  
  c8c33cf9e2fa02402f06abd4d790e920146da60b
- SHA256
  
  6ad75992217a3b28bc5fe875016f8d13d83ac56730022b03341afb478179bbfa
- SHA512
  
  ca1d331175bd172811c255e98badd8244397b048454e736a94b4e2fd0cca4ab3455c3603a5953c3e26cec7493fdf23099126cd2808102c61d599d01d0ddc358e
- SSDEEP
  
  98304:dBb0vjPesuu2bphf6mXUljWBFAn29uzvBknCLpNoSm0fy5nq:/bATunfZXU9WB/9uzKny0q
Score

9^/10

evasion themida trojan
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionthemidatrojan

© 2018-2024

Terms | Privacy