General

  • Target: 3c4c7f7dc1efe56b6caed94796ec793fecd77695375396a010d20a66fd0489f8
  • Size: 3.0MB
  • Sample: 240407-3gzgzahg4v
  • MD5: 5a1844a9ce382875eb16a9d2e4ad3e3d
  • SHA1: e2d55aa8e7b32c998a49a03dac4ee3c14011393d
  • SHA256: 3c4c7f7dc1efe56b6caed94796ec793fecd77695375396a010d20a66fd0489f8
  • SHA512: e2ec54c72bd23f3e293bc7d27b64ac6a783331276b931f3d1109995c17656642ec98f0af36841a3a5cbfc29a502a22802c8728ed8d413f2cf474477812ab621b
  • SSDEEP: 49152:HL7fbw201lsJRrH+DqrGoNUAIi4Vl0Va2SddyVyfzR0mX4MUhZTr5vc90tRfIk5R:HPhesJN23zjmMZ88VzIMG9500tRV3

Malware Config

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks