General

  • Target

    9g1k15eu.exe

  • Size

    848KB

  • Sample

    220328-ws3v7sdag5

  • MD5

    d9774f4e6ae39dc2af347f106d04c620

  • SHA1

    a956b40af9880243f3a07c25c9889456ebe659f0

  • SHA256

    1bec4179157dfe579fb1dfa7e2297bd8f875aac23a5065351847e5ed0e2ec49b

  • SHA512

    258f1b02d2ebdca3ab24ccbaaab4c682d3329e675e6d4fe9c2de816c1a1e9f938a0feb07e031171012e4e34464e2602a5d072e011508811b3cb3b93ff3fe3fc9

Targets

    • BetaBot

      Beta Bot is a Trojan that infects computers and disables antivirus software.

    • Modifies firewall policy service

    • Sets file execution options in registry

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Adds Run key to start application

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger
