General

  • Target

    36c3b311eef522ec6066f094352fde2c7d7ce86674b4fb6da62a04e520a6de3a

  • Size

    691KB

  • Sample

    220626-bybzfsdhh6

  • MD5

    02f19d1785920483d049c2b4e6d64cc3

  • SHA1

    8ea742bc5eb6766fb34a83b7f4e2f2a4720046a8

  • SHA256

    36c3b311eef522ec6066f094352fde2c7d7ce86674b4fb6da62a04e520a6de3a

  • SHA512

    8058f4fbe3518d2b0c57a4922286c6cf00ad1f622f97f91e9f7750f1b4e5a4ad26751ddc030fc7e00283a9d022d397147a1f75e454f4683914a80f7fa0527f5b

Targets

    • BetaBot

      Beta Bot is a Trojan that infects computers and disables antivirus software.

    • Modifies firewall policy service

    • Sets file execution options in registry

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Adds Run key to start application

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger
