9eee48b40ab94d4468603dd54fde7581308a79137e50c8ba03c4d483202e1bf3

General

Target:  9eee48b40ab94d4468603dd54fde7581308a79137e50c8ba03c4d483202e1bf3
Size:    2MB
Sample:  210926-px7lmaehc3
Score:   9/10
MD5:     1fae35c24b8df0d0f6713689e1ea1a20
SHA1:    7f9d224e04d890eecfea5e79cbd4c4f89697f820
SHA256:  9eee48b40ab94d4468603dd54fde7581308a79137e50c8ba03c4d483202e1bf3
SHA512:  3abbfdedf618cc85d8e675237f955d1b6cc3cb834aed29dfc2db7bc35f6762a370102cc6d233ad97d25cb6db2db75ed4d774c2a9c456316801156ce3b8d69f02

Malware Config

Targets

Target:    9eee48b40ab94d4468603dd54fde7581308a79137e50c8ba03c4d483202e1bf3
Filesize:  2MB
Score:     9/10
MD5:       1fae35c24b8df0d0f6713689e1ea1a20
SHA1:      7f9d224e04d890eecfea5e79cbd4c4f89697f820
SHA256:    9eee48b40ab94d4468603dd54fde7581308a79137e50c8ba03c4d483202e1bf3
SHA512:    3abbfdedf618cc85d8e675237f955d1b6cc3cb834aed29dfc2db7bc35f6762a370102cc6d233ad97d25cb6db2db75ed4d774c2a9c456316801156ce3b8d69f02


Signatures

  • Identifies VirtualBox via ACPI registry values (likely anti-VM)
    TTPs: Query Registry; Virtualization/Sandbox Evasion

  • Checks BIOS information in registry
    Description: BIOS information is often read in order to detect sandboxing environments.
    TTPs: Query Registry; System Information Discovery

  • Reads user/profile data of web browsers
    Description: Infostealers often target stored browser data, which can include saved credentials etc.
    TTPs: Data from Local System; Credentials in Files

  • Themida packer
    Description: Detects Themida, an advanced Windows software protection system.

  • Checks installed software on the system
    Description: Looks up Uninstall key entries in the registry to enumerate software on the system.
    TTPs: Query Registry

  • Checks whether UAC is enabled
    TTPs: System Information Discovery

  • Suspicious use of NtSetInformationThreadHideFromDebugger
