General
-
Target
4a833b842da4b80715e9b02dc862fc3fd5fcda28a0e559e982876d024262b7f7
-
Size
945KB
-
Sample
220712-p889labcbq
-
MD5
216de5915990a2a480f7d30f2f81da8f
-
SHA1
919a8aa62096c5e436bf998be9b9b33b42fb211e
-
SHA256
4a833b842da4b80715e9b02dc862fc3fd5fcda28a0e559e982876d024262b7f7
-
SHA512
3338a2e81fa7a6789b6c0493df68e753e6179b8f84f004d7afe18f6126f01b2638195076370bf1d8c79757841b8254753578095c4c45178f644df23e283aa657
Malware Config
Targets
-
-
Target
Plugins/CmdBar.dll
-
Size
63KB
-
MD5
6c7ba28fd1aacd8c4f5c46f76b855199
-
SHA1
c908a3763dda6ed0bc59a3030e080852a15fc6ec
-
SHA256
f9cf91a8c49149c7b05f61185a869af9878a73a19905bad07fa7ac83fe4ed46e
-
SHA512
25854d739fdb61a925f4a2f97f01201c10f1d2286239a0d291a6c1003404d50f43934399cab7d2dc338c43b10eca7f937c4bcd047e279b474909689a83f5405c
Score1/10 -
-
-
Target
betab.exe
-
Size
407KB
-
MD5
0837a200fd5a11fab728f51384eb8cce
-
SHA1
7133b6733d36d28aa19b9366689845b356f2b9fd
-
SHA256
2701eb12bc858772f0fbb29b7c18c4780afecba78e778f4363a78fc8b39feb48
-
SHA512
176903813e8b28327f671ee4429a3ab51899e446c63cc84d182cbb6ebe68a85b61e22a83696b9b01e5cb251e7fcaa58c296b237a965045832568eda9b727a86f
Score10/10-
BetaBot
Beta Bot is a Trojan that infects computers and disables Antivirus.
-
Modifies firewall policy service
-
Executes dropped EXE
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
ioncube_loader_lin_5.4.so
-
Size
1.4MB
-
MD5
6b11f7714b5c2ab686174db25c195dfa
-
SHA1
769a7b3add9126d661ff0908373e8296d47be5a8
-
SHA256
47fdce30362343e00705e50c7c7bebf1c48b929fec69b04bdb6742c185083d5e
-
SHA512
c7ce4f80fddbff16a762391fc7c6f238065f60bf92dc5e4a2139ad0b0c3d49a1fcb2df11acd5e4c66bed7f5cbae69d794c03d4ac37699a73d45d8d329ad51a03
Score1/10 -