General

  • Target

    944d474db141b7db618db68521a4c2e4aa952b27fa7d9cb9a2d33a34f8f64127

  • Size

    3.0MB

  • Sample

    240407-3wwpmaac4z

  • MD5

    ae59660aa9059363dc2f5ae4fb23eec4

  • SHA1

    e199c02b7a8d208a89d7fa636e38bec53b929429

  • SHA256

    944d474db141b7db618db68521a4c2e4aa952b27fa7d9cb9a2d33a34f8f64127

  • SHA512

    b4ef2694d797ebf1c607f4141ff7ec487b80781ff94bcbf5a6f9c978716aee7867bd28f869ba967008a3a4ad3ffd78966c605cbf3ab1e8d6a79f05195468c6e4

  • SSDEEP

    98304:E4lHxboiax4Ti/TdCcg1E11cPH5cyV7i6XfKfc:E8HFoig4TiLDg+cP6mi6XfOc

Malware Config

Targets

    • Target

      944d474db141b7db618db68521a4c2e4aa952b27fa7d9cb9a2d33a34f8f64127

    • Size

      3.0MB

    • MD5

      ae59660aa9059363dc2f5ae4fb23eec4

    • SHA1

      e199c02b7a8d208a89d7fa636e38bec53b929429

    • SHA256

      944d474db141b7db618db68521a4c2e4aa952b27fa7d9cb9a2d33a34f8f64127

    • SHA512

      b4ef2694d797ebf1c607f4141ff7ec487b80781ff94bcbf5a6f9c978716aee7867bd28f869ba967008a3a4ad3ffd78966c605cbf3ab1e8d6a79f05195468c6e4

    • SSDEEP

      98304:E4lHxboiax4Ti/TdCcg1E11cPH5cyV7i6XfKfc:E8HFoig4TiLDg+cP6mi6XfOc

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled
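The three registry-based signatures above (BIOS information, VirtualBox ACPI table identifiers, UAC state) all reduce to the sample reading a handful of well-known keys, which an analyst can confirm from a registry-access trace of the detonation. The following Python is an added example written for this page; it is not part of the Triage report or of the sample. The registry paths it matches are the commonly documented locations for these checks; that these exact reads are what trips each signature, the `RegRead` record shape, the process names and the trace lines are all constructed assumptions.

```python
import re
from collections import defaultdict
from dataclasses import dataclass

# Hive prefixes seen in traces: the Win32 names and the native object-manager form.
_HIVE_PREFIX = re.compile(
    r"^(HKEY_LOCAL_MACHINE|HKLM|\\REGISTRY\\MACHINE)\\", re.IGNORECASE
)

# Registry locations commonly read by anti-analysis code (assumption: these are
# the reads behind the report's signatures; the report itself names no keys).
BIOS_KEYS = {
    r"hardware\description\system": {
        "systembiosversion", "videobiosversion", "systembiosdate",
    },
    r"hardware\description\system\bios": {
        "systemmanufacturer", "systemproductname", "biosvendor", "biosversion",
    },
}
# VirtualBox exposes its ACPI tables with the OEM ID "VBOX__" as the subkey name.
VBOX_ACPI = re.compile(r"^hardware\\acpi\\(dsdt|fadt|rsdt)\\vbox__(\\|$)")
UAC_KEY = r"software\microsoft\windows\currentversion\policies\system"
UAC_VALUE = "enablelua"


@dataclass(frozen=True)
class RegRead:
    pid: int
    image: str
    key: str          # registry key path as logged by the tracer
    value: str = ""   # value name queried; empty for a bare key open/enumerate


def _norm_key(key: str) -> str:
    """Strip the hive prefix and case so all three logging styles compare equal."""
    return _HIVE_PREFIX.sub("", key.strip()).strip("\\").lower()


def classify(ev: RegRead) -> set:
    """Return the names of the signatures a single registry read would trip."""
    key, val = _norm_key(ev.key), ev.value.lower()
    hits = set()
    # A key open normally precedes the value query, so key on the query itself.
    if key in BIOS_KEYS and val in BIOS_KEYS[key]:
        hits.add("Checks BIOS information in registry")
    if VBOX_ACPI.match(key):
        hits.add("Identifies VirtualBox via ACPI registry values (likely anti-VM)")
    if key == UAC_KEY and val == UAC_VALUE:
        hits.add("Checks whether UAC is enabled")
    return hits


def summarize(events) -> dict:
    """Map each tripped signature to the sorted (pid, image) pairs that tripped it."""
    out = defaultdict(set)
    for ev in events:
        for sig in classify(ev):
            out[sig].add((ev.pid, ev.image))
    return {sig: sorted(procs) for sig, procs in out.items()}


# Constructed sample trace (not from the report): one analysed process plus an
# unrelated system process touching the same UAC policy key for another value.
SAMPLE_TRACE = [
    RegRead(4120, "sample.exe", r"HKLM\HARDWARE\DESCRIPTION\System", "SystemBiosVersion"),
    RegRead(4120, "sample.exe", r"HKLM\HARDWARE\DESCRIPTION\System", "VideoBiosVersion"),
    RegRead(4120, "sample.exe", r"\REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__"),
    RegRead(4120, "sample.exe",
            r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System",
            "EnableLUA"),
    RegRead(4120, "sample.exe", r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion", "ProductName"),
    RegRead(812, "svchost.exe",
            r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System",
            "ConsentPromptBehaviorAdmin"),
]

if __name__ == "__main__":
    for sig, procs in summarize(SAMPLE_TRACE).items():
        print(f"{sig}: {procs}")
```

Legitimate software reads the BIOS and UAC keys too, so what makes these reads meaningful is that they come from the detonated process itself, close together, on a sample that is otherwise Themida-packed; with the packer in place this behaviour is only observable dynamically, which is why a per-process registry trace rather than static inspection is the place to verify the report's signatures.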

MITRE ATT&CK Enterprise v15

Tasks