General
-
Target
8572f4becdc95089022caacfbccb17206f55b085dc6f0d25436a04d71202e557
-
Size
360KB
-
Sample
231224-2h3qcaecej
-
MD5
8e9859f020402fc117203cdf6c11cab7
-
SHA1
f6fbe4cc349b42a69c1eef2da288ccad5d6b49dd
-
SHA256
8572f4becdc95089022caacfbccb17206f55b085dc6f0d25436a04d71202e557
-
SHA512
13f5587011c837c74499aa5c6eea11cb37cf179059da85a37622671ff9ad862aec6d3b04387a6f74f943582fcd5037df4355b52516f8ec7967188bb28aa5c55b
-
SSDEEP
6144:ldRiIIdU4QdFksgTOzEV6zs1hfk8MIcG1Zb7d+0PuSCU4CzmJkdVds:7RiNdU4+FkRTOzEV6zs1hfk8oYVd+DjB
Malware Config
Targets
-
-
Target
8572f4becdc95089022caacfbccb17206f55b085dc6f0d25436a04d71202e557
-
Size
360KB
-
MD5
8e9859f020402fc117203cdf6c11cab7
-
SHA1
f6fbe4cc349b42a69c1eef2da288ccad5d6b49dd
-
SHA256
8572f4becdc95089022caacfbccb17206f55b085dc6f0d25436a04d71202e557
-
SHA512
13f5587011c837c74499aa5c6eea11cb37cf179059da85a37622671ff9ad862aec6d3b04387a6f74f943582fcd5037df4355b52516f8ec7967188bb28aa5c55b
-
SSDEEP
6144:ldRiIIdU4QdFksgTOzEV6zs1hfk8MIcG1Zb7d+0PuSCU4CzmJkdVds:7RiNdU4+FkRTOzEV6zs1hfk8oYVd+DjB
Score10/10-
BetaBot
Beta Bot is a Trojan that infects computers and disables Antivirus.
-
Modifies firewall policy service
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1