General

  • Target

    6f7eb3124623b2b4e21ce9417c6ee81e94862974f52668e18963a9e7061da78b

  • Size

    3.1MB

  • Sample

    240407-3h3k1saa36

  • MD5

    cd950fc0304fb67799bee001440a4d5a

  • SHA1

    2e489eef0844345384f2cd400aad49aeda04e6df

  • SHA256

    6f7eb3124623b2b4e21ce9417c6ee81e94862974f52668e18963a9e7061da78b

  • SHA512

    b74db88b60bb698ce645f37b8c939e42dd4629a7673644650cf22c0f6dd223d3cb0804d6868ce03b495516e164aaddbd37a911a1149018051c52344713ce604a

  • SSDEEP

    49152:el4lHHeIcGwY5y1ByQ9TQ1HdF42qLC4AmE35sAW59FfUiZeoJMOc3AAR8KY5Uxs:bRH1WY5y1B3sH/t5mWHg9iiZxinU

Malware Config

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks