Resubmissions

21-11-2022 17:51

221121-we5smseh9y 10

21-11-2022 17:35

221121-v551naef4s 9

General

  • Target

    BABB5BC09EFE7D42910D7504AC7F688F.fil

  • Size

    8.6MB

  • Sample

    221121-we5smseh9y

  • MD5

    babb5bc09efe7d42910d7504ac7f688f

  • SHA1

    a31961b8d0788212653815b897461b27b28760ae

  • SHA256

    4125defe095eee3c1811a62a83c559602d0041d300a8e73ac0bb43b6e9de1db3

  • SHA512

    d3bd647cfed02f6efbd3fa9a85fd27b2e86d8c678a256f23a007af08597657793790e37c4fbd00e22a0d4e864361ff589532ea5f38f1590cc6b5b723a7d461ab

  • SSDEEP

    196608:28RdIDarx4UQ3tYMkZfn90quXSlnz8eryfu5m0iJ0VOLAwu:5etY/Zf90quXSljrH5mPJJAb

Score
10/10

Malware Config

Targets

    • Target

      BABB5BC09EFE7D42910D7504AC7F688F.fil

    • Size

      8.6MB

    • MD5

      babb5bc09efe7d42910d7504ac7f688f

    • SHA1

      a31961b8d0788212653815b897461b27b28760ae

    • SHA256

      4125defe095eee3c1811a62a83c559602d0041d300a8e73ac0bb43b6e9de1db3

    • SHA512

      d3bd647cfed02f6efbd3fa9a85fd27b2e86d8c678a256f23a007af08597657793790e37c4fbd00e22a0d4e864361ff589532ea5f38f1590cc6b5b723a7d461ab

    • SSDEEP

      196608:28RdIDarx4UQ3tYMkZfn90quXSlnz8eryfu5m0iJ0VOLAwu:5etY/Zf90quXSljrH5mPJJAb

    Score
    10/10
    • Detected phishing page

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks