General

  • Target

    3fd308dba33f22320d223a58e01e5c84a4126f98bd8de0116f1c6b478d084896

  • Size

    3.0MB

  • Sample

    240406-e2yjeaad8w

  • MD5

    51acb376c7f64186d79d2ee058385007

  • SHA1

    a89b1a38d438b64aeb80fd139f0e4c53570cc7be

  • SHA256

    3fd308dba33f22320d223a58e01e5c84a4126f98bd8de0116f1c6b478d084896

  • SHA512

    314a9c7fc634f2f161a375a57addb890a96b62c4d9afb093ab7bc9653df176e7b4f34b62ad3fc501b16a33417e17c5205bf75f0ba306f97f4be4caba785919c6

  • SSDEEP

    98304:iIrVoWXfBcdDKeu9vNc6eiUoIWRdukLXn0NU+4I42:/7XZhxNc6eiUoBEkLgU+r42

Malware Config

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks