betabot | 4f335599beaa4792e1946ac5fe2c3c47148b3417bc366a971c038a96a50b022c | Triage

Submit
Reports

Overview

overview

Static

static

Propuesta-...ia.exe

windows7-x64

Propuesta-...ia.exe

windows10-2004-x64

Sharing

General

Target

4f335599beaa4792e1946ac5fe2c3c47148b3417bc366a971c038a96a50b022c
Size

395KB
Sample

220720-sjk29agfa9
MD5

067b3fc946d8c430154d7c7648faa5b5
SHA1

4731f00dd7b4ec54289ba565ee326341adc8d7fe
SHA256

4f335599beaa4792e1946ac5fe2c3c47148b3417bc366a971c038a96a50b022c
SHA512

f43e632bbfadc896de616f16f890388808e4972c8204b102ac58044865d0e758a0d937ccdff449370554e9baa051764cf20936970679eadcfdb7cf85c20ca330

Score

10^/10

betabot backdoor botnet evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

Propuesta-estrategia.exe

Resource

win7-20220718-en

betabot backdoor botnet evasion persistence trojan

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral2

Sample

Propuesta-estrategia.exe

Resource

win10v2004-20220414-en

betabot backdoor botnet evasion persistence trojan

windows10-2004-x64

19 signatures

150 seconds

Malware Config

Targets

- Target
  
  Propuesta-estrategia.exe
- Size
  
  552KB
- MD5
  
  ff3ead9b3608969b11b467c9a2cc8edd
- SHA1
  
  4c720661536dae0696d1158a9c732d5e0c7369e4
- SHA256
  
  5ba70f3254c52fc2b0dbc6520c443d3b4bd0bc593c2aebe1d3f3402ebc9194f0
- SHA512
  
  58fd80ee0efc7eaf2ec96646ceffc0a8046d7b9908aaa273ac1b06ad239f5b4e91556b692601b073a3b35e68a42be1e720884ac0e8b8998610d4c070203cd311
Score

10^/10

betabot backdoor botnet evasion persistence trojan
- BetaBot
  Beta Bot is a Trojan that infects computers and disables Antivirus.
  trojan backdoor botnet betabot
- Modifies firewall policy service
  evasion
- Sets file execution options in registry
  persistence
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

betabotbackdoorbotnetevasionpersistencetrojan

behavioral2

betabotbackdoorbotnetevasionpersistencetrojan

© 2018-2024

Terms | Privacy