General
Target: cccb98520d7b5747bbec8af8fcc1d245eaccea92a346c30309c3333519933451
Size: 270KB
Sample: 221001-xms99acdfq
MD5: 72a5fd774abbbcbdc38527826122b580
SHA1: 08da270a2c68a7b113aaaee8b2cbffb7665163c9
SHA256: cccb98520d7b5747bbec8af8fcc1d245eaccea92a346c30309c3333519933451
SHA512: 51abac0551b7e97c9691b0a2f821d22a258022c25dcc7c1c7bd6e873e658ea3bf7affdae06d8b6929e2473600c55abbc7a1b1decdd17b76e376b9c54eca6218f
SSDEEP: 6144:LAsBZPuFKtb1svWp8uAUf2lNbhu1ZHqsM7hQzZT8PjUs:tUOb1svWpaUfgNbhu1csqu3s
Static task: static1
Behavioral task: behavioral1
Sample: cccb98520d7b5747bbec8af8fcc1d245eaccea92a346c30309c3333519933451.exe
Resource: win7-20220901-en
Malware Config
Targets
Target: cccb98520d7b5747bbec8af8fcc1d245eaccea92a346c30309c3333519933451 (270KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the values listed under General)
- Modifies firewall policy service: changes the Windows Firewall policy settings kept under the SharedAccess service, typically to weaken host-based filtering.
- Sets file execution options in registry: writes under the Image File Execution Options key, whose Debugger value lets an attacker hijack or suppress launches of a named executable; also used for persistence.
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL: a DLL the sample wrote to disk is subsequently loaded into a process.
- Adds Run key to start application: autostart persistence through a CurrentVersion\Run value.
- Suspicious use of NtSetInformationThreadHideFromDebugger: anti-debugging; a thread marked this way stops delivering debug events to an attached debugger.
- Suspicious use of SetThreadContext: rewrites another thread's register state, a common step in process hollowing and other code-injection techniques.
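The four registry-based signatures above (firewall policy, Image File Execution Options, BIOS key reads, Run key) can be reproduced from an ordinary registry trace, which is useful when re-triaging a sample outside the sandbox. The following is an added example written for this page, not tooling from the sandbox or from the report; it runs a small rule set over constructed Procmon-style CSV records. The trace lines, the process name "sample.exe" and the ATT&CK technique IDs are this editor's assumptions and mapping, not content of the report (whose matrix shows no technique cells). The two API-level signatures (NtSetInformationThreadHideFromDebugger, SetThreadContext) need an API trace rather than a registry trace and are not covered here.

```python
import csv
import io
import re
from collections import defaultdict

# Constructed Procmon-style registry trace, CSV columns: Process Name, Operation, Path, Result, Detail.
# These lines are made up to exercise the rules below; they are NOT output from the sandbox run,
# and "sample.exe" is a placeholder process name.
TRACE_CSV = r"""Process Name,Operation,Path,Result,Detail
sample.exe,RegQueryValue,HKLM\HARDWARE\DESCRIPTION\System\SystemBiosVersion,SUCCESS,Type: REG_MULTI_SZ
sample.exe,RegQueryValue,HKLM\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer,NAME NOT FOUND,
sample.exe,RegSetValue,HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater,SUCCESS,Type: REG_SZ
sample.exe,RegSetValue,HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe\Debugger,SUCCESS,Type: REG_SZ
sample.exe,RegSetValue,HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\EnableFirewall,SUCCESS,Type: REG_DWORD
sample.exe,RegSetValue,HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\EnableFirewall,ACCESS DENIED,
explorer.exe,RegQueryValue,HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden,SUCCESS,Type: REG_DWORD
"""

# (signature name as the report phrases it, ATT&CK technique this example maps it to,
#  operation regex, path regex). The technique IDs are the editor's mapping, not the report's.
RULES = [
    ("Checks BIOS information in registry", "T1497.001",
     r"^RegQueryValue$",
     r"^HKLM\\HARDWARE\\DESCRIPTION\\System\\(BIOS\\|SystemBiosVersion|VideoBiosVersion)"),
    ("Adds Run key to start application", "T1547.001",
     r"^RegSetValue$",
     r"\\Microsoft\\Windows\\CurrentVersion\\Run\\[^\\]+$"),
    ("Sets file execution options in registry", "T1546.012",
     r"^(RegSetValue|RegCreateKey)$",
     r"\\CurrentVersion\\Image File Execution Options\\"),
    ("Modifies firewall policy service", "T1562.004",
     r"^RegSetValue$",
     r"\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\"),
]

WRITE_OPS = {"RegSetValue", "RegCreateKey"}


def parse_trace(text):
    """Parse a Procmon-style CSV export into a list of dicts keyed by column name."""
    return list(csv.DictReader(io.StringIO(text)))


def match_signatures(events, process=None):
    """Return {signature: [registry paths]} for every event that hits a rule.

    A write (RegSetValue/RegCreateKey) only counts if it succeeded, because that is
    what actually changes the host. A read counts even when it fails: querying a BIOS
    key that does not exist is still evidence of an environment check.
    """
    hits = defaultdict(list)
    for ev in events:
        if process and ev["Process Name"].lower() != process.lower():
            continue
        if ev["Operation"] in WRITE_OPS and ev["Result"] != "SUCCESS":
            continue
        for name, _tid, op_re, path_re in RULES:
            if re.match(op_re, ev["Operation"]) and re.search(path_re, ev["Path"], re.IGNORECASE):
                hits[name].append(ev["Path"])
    return dict(hits)


def techniques(hits):
    """Sorted ATT&CK technique IDs for the signatures that fired."""
    return sorted({tid for name, tid, _, _ in RULES if name in hits})


if __name__ == "__main__":
    found = match_signatures(parse_trace(TRACE_CSV), process="sample.exe")
    for sig, paths in found.items():
        print(f"[+] {sig}")
        for p in paths:
            print(f"      {p}")
    print("ATT&CK:", ", ".join(techniques(found)))
```

Run against the constructed trace, all four registry signatures fire for sample.exe (the BIOS check twice, including the failed read), the denied firewall write is ignored, and explorer.exe produces no hits. Filtering by process matters in practice: a real trace contains thousands of benign Run-key and firewall reads from system processes, and only writes by the sample or its children are the behaviour the report is describing.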
MITRE ATT&CK Matrix (only the tactic column headers survived extraction; no technique cells): Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Privilege Escalation