General

  • Target

    af4e4ca1e24017e4e668ecddd108fa2ee839062f0683d63854d5c63ef7945c82

  • Size

    498KB

  • Sample

    221204-nv8v8saf3x

  • MD5

    5f9a647deb6b7dbb18296827c397f57f

  • SHA1

    bd3af2a69dfdfc76f5283861398969d362343c06

  • SHA256

    af4e4ca1e24017e4e668ecddd108fa2ee839062f0683d63854d5c63ef7945c82

  • SHA512

    7ea936a260aa5398c5a175de0da29ec96ee264c33b70519f4c9225b4afbcb068572586f5c54ffe5f7e3d353d91cdfcc57a8ac6c66f7c925605939ae14412d0d1

  • SSDEEP

    6144:2d9vzDppTr4FGspPL0ixB1xo9JpjaaBUN+UYs2NHE7/Z8yJ1X5BF+oEPX2hjpvTJ:2HvJF+7byRaagOHa/ZvTn3E/2hjprZ

Targets

    • Target

      af4e4ca1e24017e4e668ecddd108fa2ee839062f0683d63854d5c63ef7945c82

    • BetaBot

      Beta Bot is a Trojan that infects computers and disables antivirus software.

    • Modifies firewall policy service

    • Sets file execution options in registry

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Adds Run key to start application

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger
