Overview

overview

9

Static

static

7

4c95a2218a...22.exe

windows7-x64

9

4c95a2218a...22.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    4c95a2218a0b9ba592e85c0675714022

  • Size

    2.7MB

  • Sample

    240108-14qr8sdcdj

  • MD5

    4c95a2218a0b9ba592e85c0675714022

  • SHA1

    d6c4985492ec9a4c668bdc3bd458c7b653f0a776

  • SHA256

    e71a1d56f9aaa45c721f21a48331e753c543c798adeea5b26605ecdf50d621c6

  • SHA512

    b34319e86843257a9b7f0525856edee562cd38b4c4499577f47f17c8fc34fa6e02f377b0d22a9d43c124c33ab1bba79ada5a6ce7aef1c7c3fe73e236ffb40b58

  • SSDEEP

    49152:m8zCMDSgcPMhz6mNPqhRmYrDomMVhDmlDXaGwnpBwEI70ye/Fyyv:F2MDS0BtNPqhRmIDomeuXWpBwEIS9

Score
9/10
evasiontrojanupx

Malware Config

Targets

    • Target

      4c95a2218a0b9ba592e85c0675714022

    • Size

      2.7MB

    • MD5

      4c95a2218a0b9ba592e85c0675714022

    • SHA1

      d6c4985492ec9a4c668bdc3bd458c7b653f0a776

    • SHA256

      e71a1d56f9aaa45c721f21a48331e753c543c798adeea5b26605ecdf50d621c6

    • SHA512

      b34319e86843257a9b7f0525856edee562cd38b4c4499577f47f17c8fc34fa6e02f377b0d22a9d43c124c33ab1bba79ada5a6ce7aef1c7c3fe73e236ffb40b58

    • SSDEEP

      49152:m8zCMDSgcPMhz6mNPqhRmYrDomMVhDmlDXaGwnpBwEI70ye/Fyyv:F2MDS0BtNPqhRmIDomeuXWpBwEIS9

    Score
    9/10
    evasiontrojanupx

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks