General

  • Target

    11447e63dcfe64ab605570c1b7f8e2e6bd632f946af728c93780814427e7ea74

  • Size

    3.0MB

  • Sample

    240406-hnhsksdf52

  • MD5

    08d570702664c321e6cfe3dc660b0d95

  • SHA1

    86ad030259f70144f98be6155e1cefb3c86740ee

  • SHA256

    11447e63dcfe64ab605570c1b7f8e2e6bd632f946af728c93780814427e7ea74

  • SHA512

    c11e10d9bd52aa2c0e26d48cd5113e31061770e423a6cbdab3bd01bb19850d697de184a3582dd6cd35cdd76d7fabe4eab2448cfb05e65bc96691aaafe81cc79b

  • SSDEEP

    49152:5v3P2R//ayAQCYy9T6CElHGyOnfzLHNHzjkHIyXwwxu7peT0H6UkmNW8FIGDD:5vflVQCfKl/OnfdTg14wUkVU

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled
