General
-
Target
30d9ffd4b92a4ed67569a78ceb25bb6f66346d1c0a7d6d6305e235cbdfe61ebe
-
Size
4.8MB
-
Sample
210712-xdmk74rq6n
-
MD5
0c858bb12c5eeb59a7add281fc6045be
-
SHA1
6517cc3d9ad5a6ffc82fce8097070684fa6a6282
-
SHA256
30d9ffd4b92a4ed67569a78ceb25bb6f66346d1c0a7d6d6305e235cbdfe61ebe
-
SHA512
096055c770e6f1e1fc1e2993fa565f17cf23b6aa67180662f95aab2adf034cc23baf687c57da74a9a8f85f27883b3f27a6d6edf02a49881b552ad858c3b7f2b6
Malware Config
Targets
-
-
Target
30d9ffd4b92a4ed67569a78ceb25bb6f66346d1c0a7d6d6305e235cbdfe61ebe
-
Size
4.8MB
-
MD5
0c858bb12c5eeb59a7add281fc6045be
-
SHA1
6517cc3d9ad5a6ffc82fce8097070684fa6a6282
-
SHA256
30d9ffd4b92a4ed67569a78ceb25bb6f66346d1c0a7d6d6305e235cbdfe61ebe
-
SHA512
096055c770e6f1e1fc1e2993fa565f17cf23b6aa67180662f95aab2adf034cc23baf687c57da74a9a8f85f27883b3f27a6d6edf02a49881b552ad858c3b7f2b6
Score10/10-
biopass
BIOPASS is a RAT connected with Winnti group (APT41).
-
family_biopass
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-