General

  • Target

    949bb350bfaa64ad46ea4eb881c01d420d17b3ebc0fb082792ea611ede2301b9

  • Size

    3.1MB

  • Sample

    240406-gkbz7acg65

  • MD5

    2b195accd9be0f221f2faca46b118d9b

  • SHA1

    8d8c1da3b8436b285df3b83e527b4145e22d6886

  • SHA256

    949bb350bfaa64ad46ea4eb881c01d420d17b3ebc0fb082792ea611ede2301b9

  • SHA512

    eb7da689f7a5803a503374745ad2d91a38bb8acaeacdafe2e052bb771ed9cf05a14ad30bfe6f159b41821e988a4bb076a4baa2c6221b5cfca562295be2306266

  • SSDEEP

    49152:TRMNTjm5LAM2G2MTDCIVeMYrMbD6iTaopYBQzASmvq2BjX4BMMhPUNqknnXD3TE3:TRMNXmuo1XBVeopYEmvqKWnDknTDpfe

Malware Config

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks