General

  • Target: 796735a2922b7460e8db41bb85355468232277652ac5be35ee15c7a00ce21c5c
  • Size: 3.0MB
  • Sample: 240406-hmjngsdf37
  • MD5: 44f1b353037636a6dddb30acd075a552
  • SHA1: 6c4b9f8035d761e2bb256c56e1e23d947eadc0f2
  • SHA256: 796735a2922b7460e8db41bb85355468232277652ac5be35ee15c7a00ce21c5c
  • SHA512: 93594f2a1f406ab08739999fb1a8fe81e40e49f15d2039d8da653e49cd5c46bad7ef02da8b1aee123a094912f490a075a4675dcfd902f25af3b3a668028b34e6
  • SSDEEP: 49152:NhvWhtneeGKr8U3e0Nsl01LQlqbstft6SQleUqQ0U7+cDhhxP+ApxMK:4neQ8F0q0NMqOkS8eByV+ApN

Malware Config

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks