Overview

overview

10

Static

static

7

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    52738617a815f216849730b01380dd4cbed34e7b385419218be7b11d9950abdf

  • Size

    3.0MB

  • Sample

    240405-f4pjysda4s

  • MD5

    ab1e9d0d56251dadf6458604b3fa2da1

  • SHA1

    9c8d01ecedcc4e390bec990086c194d8a07b1d89

  • SHA256

    52738617a815f216849730b01380dd4cbed34e7b385419218be7b11d9950abdf

  • SHA512

    8c98dbe2961ad769d557b0d02067127c224142a6d2054d1412c8c0a530f12abdbfd31e173e6da027b347201f6a34822bbf05b96b8548d2425364ee73c4111aea

  • SSDEEP

    98304:+ScOVN7AZfIXnc9wzF/jxCuqo/FZVH6AtCPj/0:+ScOVqlIs9wzF/jguNdz6R

Score
10/10
riseproevasionstealerthemidatrojan

Malware Config

Targets

    • Target

      52738617a815f216849730b01380dd4cbed34e7b385419218be7b11d9950abdf

    • Size

      3.0MB

    • MD5

      ab1e9d0d56251dadf6458604b3fa2da1

    • SHA1

      9c8d01ecedcc4e390bec990086c194d8a07b1d89

    • SHA256

      52738617a815f216849730b01380dd4cbed34e7b385419218be7b11d9950abdf

    • SHA512

      8c98dbe2961ad769d557b0d02067127c224142a6d2054d1412c8c0a530f12abdbfd31e173e6da027b347201f6a34822bbf05b96b8548d2425364ee73c4111aea

    • SSDEEP

      98304:+ScOVN7AZfIXnc9wzF/jxCuqo/FZVH6AtCPj/0:+ScOVqlIs9wzF/jguNdz6R

    Score
    10/10
    riseproevasionstealerthemidatrojan

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

      stealerrisepro

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks