General

  • Target

    ce9c06a667ee5620c58348c1184633cb8d7c1296f5964fd3e99684ae48009f49

  • Size

    1.8MB

  • Sample

    220920-mpjtgscge5

  • MD5

    ef7126240031ac08d8e77f1377e671bb

  • SHA1

    5c91857f207537e50f8bd3a34585bb72f75b1c58

  • SHA256

    ce9c06a667ee5620c58348c1184633cb8d7c1296f5964fd3e99684ae48009f49

  • SHA512

    3750eca2cadcf802cfbc68a27dabcff6f48086c7fc9eddd87962fe04b9d0f875617746e304ecedf184de678204718ce35c021f9be68c523d9492366cb17f64ae

  • SSDEEP

    49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig

Score
9/10

Malware Config

Targets

    • Target

      ce9c06a667ee5620c58348c1184633cb8d7c1296f5964fd3e99684ae48009f49

    • Size

      1.8MB

    • MD5

      ef7126240031ac08d8e77f1377e671bb

    • SHA1

      5c91857f207537e50f8bd3a34585bb72f75b1c58

    • SHA256

      ce9c06a667ee5620c58348c1184633cb8d7c1296f5964fd3e99684ae48009f49

    • SHA512

      3750eca2cadcf802cfbc68a27dabcff6f48086c7fc9eddd87962fe04b9d0f875617746e304ecedf184de678204718ce35c021f9be68c523d9492366cb17f64ae

    • SSDEEP

      49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks