87ca94357c2fca7b8ad9fc85d226c094246beea18f3cd5f93f9220ff3fad4bcc | Triage

Submit
Reports

Overview

overview

9

Static

static

7

FLUX.exe

windows10-2004-x64

9

Sharing

General

Target

FLUX.exe
Size

5.2MB
Sample

240701-ghbawaxfma
MD5

ee06c5d41c03b92cffa93b3cbeb3811d
SHA1

82f25573eec37a19514cc13627b50e5965fcf841
SHA256

87ca94357c2fca7b8ad9fc85d226c094246beea18f3cd5f93f9220ff3fad4bcc
SHA512

e8d40ae2ea48688b8e1c3aa389cab67aea8540617f5a1a2b7acf4128456ed9f57576d0e7ae1bc8182d7c4d2d1ab6fd98027dda6953a7f6ddca0f17f3e7bf1768
SSDEEP

98304:3xiOrMP6cKsDTf6GDeeR4IuNekhtg1T4b1O/GtOPA7xrkKJn+5:3xiOY6cK4rTas4Deotg18bA/IOm25

Score

9^/10

evasion themida trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

FLUX.exe

Resource

win10v2004-20240611-en

evasion themida trojan

windows10-2004-x64

7 signatures

300 seconds

Malware Config

Targets

- Target
  
  FLUX.exe
- Size
  
  5.2MB
- MD5
  
  ee06c5d41c03b92cffa93b3cbeb3811d
- SHA1
  
  82f25573eec37a19514cc13627b50e5965fcf841
- SHA256
  
  87ca94357c2fca7b8ad9fc85d226c094246beea18f3cd5f93f9220ff3fad4bcc
- SHA512
  
  e8d40ae2ea48688b8e1c3aa389cab67aea8540617f5a1a2b7acf4128456ed9f57576d0e7ae1bc8182d7c4d2d1ab6fd98027dda6953a7f6ddca0f17f3e7bf1768
- SSDEEP
  
  98304:3xiOrMP6cKsDTf6GDeeR4IuNekhtg1T4b1O/GtOPA7xrkKJn+5:3xiOY6cK4rTas4Deotg18bA/IOm25
Score

9^/10

evasion themida trojan
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionthemidatrojan

© 2018-2024

Terms | Privacy