General

  • Target

    7e5d10a4af76a00fdbfec50f2ca42a273f0278bf35dadc684205f7aa2e1ccb16

  • Size

    3.1MB

  • Sample

    240406-fghg5aba7z

  • MD5

    dd94fcf63d09897541a447ff40e5f08c

  • SHA1

    182676bf658c50cd35e147f063b1286058905772

  • SHA256

    7e5d10a4af76a00fdbfec50f2ca42a273f0278bf35dadc684205f7aa2e1ccb16

  • SHA512

    a491a81ecad3b7cf269d7b8ecd52f9bb67566544c655018e4db15dcbd2e7889d6f7aa76aa7476fee2f7a0cc017dd00d4be315729a9ec9e01d9ec157ea62bae41

  • SSDEEP

    98304:Vl+XkEgdVhV8xUeCrLursTnjG5lSCzj4jdvcA:DEcVhexUe5rsTi5fIjdvcA

Malware Config

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled
