a00a54911b40fe81921fb19feb94f5ed4d10735eb273e9eda77edbf27b376ad7

Sharing

Copy URL

Twitter E-mail

General

Target

MegaHackInstaller (1).zip
Size

22.2MB
Sample

240220-bn23wshb62
MD5

678a6f79aaa4c9ee444729b09ad1d355
SHA1

2cc2d0e3ba4a5dfd7947466080dc0a28ce292d2a
SHA256

a00a54911b40fe81921fb19feb94f5ed4d10735eb273e9eda77edbf27b376ad7
SHA512

d05119c52a036acf321de5704b7802ca183449a78924910190775560a8be28cd8df14b06f6caa02333ac91f851c7792a453a5af5d7cb62d63d62e7799afc17c8
SSDEEP

393216:COD5bh3m6Sv0AZ8xMf6dSw0VfCr3g467vjApzuc14qPDoICLs7vlbyj9qMV5x:3D/mVbGxCwS3fCr3g46bcac14qPHCLsg

Score

9^/10

Malware Config

Targets

- Target
  
  MegaHackInstaller/D3Dcompiler_47.dll
- Size
  
  3.3MB
- MD5
  
  c5b362bce86bb0ad3149c4540201331d
- SHA1
  
  91bc4989345a4e26f06c0c781a21a27d4ee9bacd
- SHA256
  
  efbdbbcd0d954f8fdc53467de5d89ad525e4e4a9cfff8a15d07c6fdb350c407f
- SHA512
  
  82fa22f6509334a6a481b0731de1898aa70d2cf3a35f81c4a91fffe0f4c4dd727c8d6a238c778adc7678dfcf1bc81011a9eff2dee912e6b14f93ca3600d62ddd
- SSDEEP
  
  49152:PyZ9lnpmVm/w+EwVOmufvkQS8MH2J9CqS5Sqr88pPWW5KhQYPsXqUiQ6:E9fWAwVBC8MH2JNSF8+YPsXqUT6
Score

3^/10
behavioral1 behavioral2
- Target
  
  MegaHackInstaller/MegaHackInstaller.exe
- Size
  
  4.2MB
- MD5
  
  df36e1cd968c7336fe4f29094e4099f9
- SHA1
  
  2034e5f5d130dbf71c7e6ac82f8dbf808cfbd5c4
- SHA256
  
  e840c1a894e7b96d401845f37f634204dccf23fb23f73e847131e8467cb62524
- SHA512
  
  47778a6a1aa96ac8a2b5acb1208562df8b2e9e053d21cae9a8077b5d072d3661449c0e33444b4b19c4c1774a89663077df03668cef45108b5a92ae508fb02f37
- SSDEEP
  
  98304:Qj2MjWxUAAWc0fnpTBTgY4EaIsSYK39B9Biih/nIGm9:Q6MEkWdBTgYzXsbYB9fnxk
Score

9^/10

evasion themida trojan
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Checks whether UAC is enabled
  evasion trojan
behavioral3 behavioral4
- Target
  
  MegaHackInstaller/Qt5Core.dll
- Size
  
  5.1MB
- MD5
  
  7d180286e9c071c7bc3a6bc2ace792ac
- SHA1
  
  f5947d69aeaacc8a378721f3750b049cc41dddef
- SHA256
  
  4f8dc460162407cfccb1be6ef9cce45c4449de838aeffa3fd33378f01a3f9cc4
- SHA512
  
  9b30d5dd48e736da770e71622b79da294829621565cfc4d995ca31c8cfbbbe2d577677f4240e0ff2d995deeeb5f894018412596c141e8360dd77bf12596ce167
- SSDEEP
  
  49152:q1AH+7g4QrRpvOK8Bbl+Gy+/LZsxRFNHlZTlJsv6tWKFdu9C/cPk4VHEYI9CV4eO:E5gje5lCjzJsv6tWKFdu9CtvDhgwcY
Score

3^/10
behavioral5 behavioral6
- Target
  
  MegaHackInstaller/Qt5Gui.dll
- Size
  
  5.6MB
- MD5
  
  5b0f3d5b1b29b5e650375093c7afa243
- SHA1
  
  1920cbc98bd46a3a72bcfb45caefcfa2649a92e6
- SHA256
  
  80016776efea2b2a838c3ffa4c82e5f146baff68c36073c0c34668809d1c4297
- SHA512
  
  9db9a90ab5a1a768e079cf9b10f1da868ac7dae774e90e139ee047c9c8fb43cc5b3e01ae3724ea74efd64409eeeafbcda4f04da3e86265575a3831a4fc69cc8c
- SSDEEP
  
  49152:FKUDGaBVW3sDAPNaiCZPcSnt8KQ6oOtA/tiG7WwjrAxLXwQ98vd+hc0WM66fL5cQ:wUKssPdOy/tZWnXThVc5tnB6NDrd
Score

1^/10
behavioral7 behavioral8
- Target
  
  MegaHackInstaller/Qt5Network.dll
- Size
  
  1.0MB
- MD5
  
  2e3db1cd1ec59d08706438258e86ea30
- SHA1
  
  bc20b1e40049386e6bea3f448a6852bc879a8821
- SHA256
  
  37275f3ea79d15a2792bf21f71f1df825f201cf8b33aa1f94ca93d62d76b216c
- SHA512
  
  0c0e0e02ccadc3f2b3f6c8cbf2c162fb73734b0b244c80048968a6fe268450a270a3f92b155daf6268fef246d26ad417e6cec224133fd66e6ffb3a5394b04358
- SSDEEP
  
  24576:Aul0ktv339DOBVXaIFP698DWk7PVmr0qwjb:A8sJVWAcwnH
Score

3^/10
behavioral10 behavioral9
- Target
  
  MegaHackInstaller/Qt5Svg.dll
- Size
  
  257KB
- MD5
  
  ef0d5a2dc1d7a921f2bb0eb3eef2e481
- SHA1
  
  cb167ec49221ec5245fd9bff7e7eed6c7cf38d51
- SHA256
  
  ade28d4cbac1e033468cb48f380352f0df7fbbce03261c48827b8a5ed7a1548e
- SHA512
  
  ecb41cb9bc4a4470f039d02441a0c0e8c596ffd55deb924e516c4c8fc880357d5d2d1ef36e63b1303faa7dac5c921679a0f405c39f6e0b32b3746c972653b789
- SSDEEP
  
  6144:71lj55OgW5ODJ+bXhE4o+K08LJw8Rk8bOvR1yGaucmSJyUIEDv8ma4y4GeO43iUM:7bJ+bXK4o+K08ROvR8ucmSun5h
Score

3^/10
behavioral11 behavioral12
- Target
  
  MegaHackInstaller/Qt5Widgets.dll
- Size
  
  4.3MB
- MD5
  
  da70580648a398ab1c5336ee9ec631ca
- SHA1
  
  fa67a8a2d7f7930a45974dcb7a12e56914bf0a57
- SHA256
  
  600285754e7eee7239b9d252dbed5c9d2c9c4c432751b8953dcb2e8b45e0408a
- SHA512
  
  83d85df1717a5b1dd5b31f5ab33e73d1442027a719af7fdcd20d578598f436d63e7cf58287cbe34dbee8d5b0464a68dfd471d8ec6a95a3168eb8639864a7adfc
- SSDEEP
  
  49152:ypo1FNXS+dh75PMvZZNNt+iIo5uL5Sdbtye6cEu0n:oIPqZZUfwusae6ju0n
Score

3^/10
behavioral13 behavioral14
- Target
  
  MegaHackInstaller/bearer/qgenericbearer.dll
- Size
  
  43KB
- MD5
  
  57f3ffcf6a99abdeca93d0bebd9f05d8
- SHA1
  
  f1b7038c4f6cad75b8a6d115255421d60f1de04f
- SHA256
  
  44b59c980ca26aca133bd3842155c55eb30630853c3c316e1955415e10b34c0f
- SHA512
  
  cbe0ed19d03540ffef93c4028ba7bf170ca82d1bfd15d432c7fb0edf96e450c9ddd85701b3ef52edabac96fd3cb6e3da2eadf4ed1de3907e986e8f3d64dd3b08
- SSDEEP
  
  768:EYnMoTheMJroMOENIFanla6PK2Jbga+5+yAXmjkJuDZbjV52dDGFeTUf2hl:Xhe8O6QalaYbga+PjkJuDZbn2VTUfy
Score

1^/10
behavioral15 behavioral16
- Target
  
  MegaHackInstaller/iconengines/qsvgicon.dll
- Size
  
  34KB
- MD5
  
  a85ea17fb2ca9258e71d0a60667eae6a
- SHA1
  
  9bc4333321611769a51bcb5292c0517c227614c6
- SHA256
  
  5456152400a84c153728007bd1c7d549788d2300441addd40c18d7e17f757856
- SHA512
  
  ead8a715f75c82fe85a2d475010d8c880b13700c847840810bd6f75f6a4a418ded406133404a1c3d196461d676f8819a7bff25e556d25250d031e513303f81eb
- SSDEEP
  
  768:crdZm5mjw1lQR8Z3Zf3V+hFem0wKk84XmydDGFUf2hE:6u1lQQ3Zf3V+Lem0wKk849kUfP
Score

1^/10
behavioral17 behavioral18
- Target
  
  MegaHackInstaller/imageformats/qgif.dll
- Size
  
  33KB
- MD5
  
  e3a1338efadabb9fc23d955af9a7e070
- SHA1
  
  dfbe82b183fff002a2e841d73474c78f646fdba2
- SHA256
  
  f1fa3bfeea6a600f2c6d209775154cee349b7f687cb4f7213a8cad8870dbb812
- SHA512
  
  0413a6116e227fa6a3dd7da6fa4bb8db59ed64fc16e37bfa49ca28c687fe791941b3a23193796eb0ece458e87f9f78f587b3a1fe0f188b63b9148037997df1a2
- SSDEEP
  
  768:aL5MPkjurnzyuVlfehyScQeOYGuOU9OOHhTNAYFdDGzUf2hW:aNYnzyuLeEfQeFGuOU9OOHhZAYFOUf5
Score

1^/10
behavioral19 behavioral20
- Target
  
  MegaHackInstaller/imageformats/qicns.dll
- Size
  
  37KB
- MD5
  
  862a826020dfe7ab690900a87250992d
- SHA1
  
  983117858f162f7eab3f4aee6e0d9619e20637ef
- SHA256
  
  f96e413dc1b8a67c025b3d1769241ee96dd8b079b367a6c868d650a6b68154c4
- SHA512
  
  a71cdfba3023934d0bfe25a05d2fda00f60caaf77122cc0d52c7c6f6555ebf43e13555b563a564023c02e9419471a8ed325d182508ad276517c68c9691d5704a
- SSDEEP
  
  768:nwFo5IoYXrOOmYaRCNOq9QNdhVJ0hBEH3lMwAJXGdtpZmPdDGGzUf2h2:wWBIf9QvJgEX6wAJXGdtpZmP3UfP
Score

1^/10
behavioral21 behavioral22
- Target
  
  MegaHackInstaller/imageformats/qico.dll
- Size
  
  31KB
- MD5
  
  7200f8e1af1c6a60501d5fef7772fd0b
- SHA1
  
  5f2bac81a60f7fdfbe8b1a01f111660a3614d679
- SHA256
  
  35cf0ae6bcd1b8322482d40bf2dd693e276548885284b88e6631ab18a0c2c60e
- SHA512
  
  097835d4c8c61c2489e831b31a8bb6f2feea277439d6697b6e3165ccb6e4758986c9a1fa754696da53b6005a041156ff8bc455a71dc31ea799f5891348a07f22
- SSDEEP
  
  768:1wLKUeP1ob4OgufLCJGqU2SZ6HseQdDG0Uf2hKT:4KUeP1WyufLCJGqU2SZ6HseQ9Ufz
Score

1^/10
behavioral23 behavioral24
- Target
  
  MegaHackInstaller/imageformats/qjpeg.dll
- Size
  
  365KB
- MD5
  
  438b696a9811cd821bbe2c54b5c1b4b1
- SHA1
  
  55eb74a0015228b1e6c1dc97e6f427c9dc804587
- SHA256
  
  84c23191b5e35eaf899358c21445a5377845c0653668bbd99b1aa8796e0248c7
- SHA512
  
  961ed9cfcd61a1fc32de89cb97100aaa9a9225c80673b2176975bf62af7f3a0e77a91fb723ed52c553e10a6f754a5e8c8085bdfbd56ef2de8144c53bf41f4e91
- SSDEEP
  
  6144:QsC804cB4tEXoOitMk5R8vsLK0LXz5pmglF90l7s0aGajl8Z9cg:Qr4bOzk5R+s5LFg9cg
Score

1^/10
behavioral25 behavioral26
- Target
  
  MegaHackInstaller/imageformats/qsvg.dll
- Size
  
  27KB
- MD5
  
  f304a2c8067f804d25b98d360e92829f
- SHA1
  
  dae1d07de8c33912ff4ffc957f8817b2b3e8293a
- SHA256
  
  e45893bb7db31bfd32e87dc7a6b02709fca36eb83a25aedc45a39178ec80051e
- SHA512
  
  5bc122bea8de687820932666c6b76bb153b115263b31a40fd7823a2a36ebc88b27626e06e3a6c5dc5f62970c8c7e9c094984b494d7f279bfdb9bac7a8c2964ca
- SSDEEP
  
  768:WV5VVvwZ12uh991MD9dhQwe+oQQUcesJbT73dDG5Uf2hg:IvwZ12aC9Qwe+ZQUbsJbTLwUfX
Score

1^/10
behavioral27 behavioral28
- Target
  
  MegaHackInstaller/imageformats/qtga.dll
- Size
  
  26KB
- MD5
  
  367c723591fde64c38202d4c0f5ecfde
- SHA1
  
  c13d74f417601c656f343f00d15e56517ee03b6a
- SHA256
  
  ccd620e74045d9c9157903120140b97419cbbe91fd43337e640c67cd4522072a
- SHA512
  
  31c084ba00e094e30c6f912ecd045e19c4451d8783a80dc99b99098f84c5500665a35ac901b0fde84d04df898ad67448e83539a7daa4928e8c78f798b359b256
- SSDEEP
  
  384:kg8gKOwVg6VjbFnOfEIzPMoVhWyrsdnyBSxQrrVIyndDGdEDgf2hR:kPxOQXOfEnoVh5/BSxQrxIYdDGKUf2hR
Score

1^/10
behavioral29 behavioral30
- Target
  
  MegaHackInstaller/imageformats/qtiff.dll
- Size
  
  345KB
- MD5
  
  49b6f0ba901f649ab110744e34076951
- SHA1
  
  4c9eebadb5b86147ea94f48eaa6705a4b75b3e61
- SHA256
  
  5128aedf4bd9b747ac848bf85e0ffb99ba814bd8e671adff7d26391d31259050
- SHA512
  
  b42a13f0215a194f77781ac74cf55c24a0f0bc99cc872ea06125cfe12ffef93add0665991339db3b7962262e6d381f20227da3272360450b53993d06bc0ec98a
- SSDEEP
  
  6144:BpYIdJpn0zXsT6DP64icIkjEkaNCTjM+8kBHWNFnHJXGFkDQDWr:jYIp06+IkjeNGjIkZZKr
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1497

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Virtualization/Sandbox Evasion

T1497

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry

Themida packer

Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32