General

  • Target

    1944c9c7307d1f7043a27fd1e5e98246b59ca8877024f865cdd6953f9b8368f1

  • Size

    3.1MB

  • Sample

    240407-3xtawsae68

  • MD5

    87dd3acb72153b4bf2b545ef3c5c6c2b

  • SHA1

    88bc835d0f9cb36fd725337678c88a900718c49b

  • SHA256

    1944c9c7307d1f7043a27fd1e5e98246b59ca8877024f865cdd6953f9b8368f1

  • SHA512

    a8ad8727b46c1ea216a5d6ebb8a4829e3615ed8d36ad3f724f9ddc6b2b62ba21a38355ab3def40266a37fc5c4acb99035f911e96c899e90294cdad3e3ede7278

  • SSDEEP

    49152:0YZxz5xw+hM9TJb9iLw0QJDKH5g49suJwR4q56mYjzSAvJvATlea67+wl/LaRj3N:F5xw+6F9+gDKH5bsT56mYjjJSwT7+we

Malware Config

Targets

    • Target

      1944c9c7307d1f7043a27fd1e5e98246b59ca8877024f865cdd6953f9b8368f1

    • Size

      3.1MB

    • MD5

      87dd3acb72153b4bf2b545ef3c5c6c2b

    • SHA1

      88bc835d0f9cb36fd725337678c88a900718c49b

    • SHA256

      1944c9c7307d1f7043a27fd1e5e98246b59ca8877024f865cdd6953f9b8368f1

    • SHA512

      a8ad8727b46c1ea216a5d6ebb8a4829e3615ed8d36ad3f724f9ddc6b2b62ba21a38355ab3def40266a37fc5c4acb99035f911e96c899e90294cdad3e3ede7278

    • SSDEEP

      49152:0YZxz5xw+hM9TJb9iLw0QJDKH5g49suJwR4q56mYjzSAvJvATlea67+wl/LaRj3N:F5xw+6F9+gDKH5bsT56mYjjJSwT7+we

    • RisePro

      RisePro is an information stealer, typically delivered by the PrivateLoader pay-per-install loader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, a commercial Windows software-protection system (code virtualization, anti-debugging and anti-dumping). Themida is also used by legitimate software, so the packer alone is not evidence of malicious intent, but it does mean static analysis of this sample will yield little until it is unpacked in memory.

    • Checks whether UAC is enabled
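
    The three registry-based signatures above (VirtualBox ACPI tables, BIOS strings, UAC state) can be reproduced as a small triage rule. The following Python is an added example, not code from the report or from the sample: the registry paths are the well-known locations that VM-aware malware usually probes (HKLM\HARDWARE\ACPI\*\VBOX__, SystemBiosVersion/VideoBiosVersion, EnableLUA), not values recovered from this binary, and the two registry snapshots are constructed for illustration. Run in a sandbox VM on Windows, the same code shows an analyst which of these artefacts the guest leaks.

```python
"""Emulate the registry-based anti-analysis checks flagged by the sandbox
(VirtualBox ACPI keys, BIOS version strings, UAC) over a registry snapshot.
Added example; paths are generic indicators, not extracted from the sample."""
import sys
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# HKLM subkeys that exist only on VirtualBox guests (ACPI tables are
# named after the OEM id, which VirtualBox sets to "VBOX").
VBOX_ACPI_KEYS = (
    r"HARDWARE\ACPI\DSDT\VBOX__",
    r"HARDWARE\ACPI\FADT\VBOX__",
    r"HARDWARE\ACPI\RSDT\VBOX__",
)
# (key, value) pairs whose contents name the firmware vendor.
BIOS_VALUES = (
    (r"HARDWARE\DESCRIPTION\System", "SystemBiosVersion"),
    (r"HARDWARE\DESCRIPTION\System", "VideoBiosVersion"),
    (r"HARDWARE\DESCRIPTION\System\BIOS", "SystemManufacturer"),
    (r"HARDWARE\DESCRIPTION\System\BIOS", "SystemProductName"),
)
VM_BIOS_MARKERS = ("VBOX", "VIRTUALBOX", "INNOTEK", "VMWARE", "QEMU", "BOCHS", "XEN")
UAC_VALUE = (r"SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System", "EnableLUA")

# A snapshot is {subkey path: {value name: value}}; a key that exists but
# has no values of interest maps to an empty dict.
Snapshot = Dict[str, Dict[str, object]]


@dataclass
class Verdict:
    vbox_acpi_keys: List[str] = field(default_factory=list)
    bios_markers: List[Tuple[str, str, str]] = field(default_factory=list)
    uac_enabled: Optional[bool] = None  # None when EnableLUA is absent

    @property
    def looks_virtualised(self) -> bool:
        return bool(self.vbox_acpi_keys or self.bios_markers)


def evaluate(snapshot: Snapshot) -> Verdict:
    """Apply the three checks to a snapshot and report what matched."""
    v = Verdict()
    for key in VBOX_ACPI_KEYS:
        if key in snapshot:
            v.vbox_acpi_keys.append(key)
    for key, name in BIOS_VALUES:
        raw = snapshot.get(key, {}).get(name)
        if raw is None:
            continue
        # REG_MULTI_SZ arrives as a list of strings; flatten before matching.
        text = " ".join(raw) if isinstance(raw, (list, tuple)) else str(raw)
        for marker in VM_BIOS_MARKERS:
            if marker in text.upper():
                v.bios_markers.append((key, name, marker))
    key, name = UAC_VALUE
    lua = snapshot.get(key, {}).get(name)
    if lua is not None:
        v.uac_enabled = int(lua) != 0
    return v


def snapshot_from_live_registry() -> Snapshot:
    """Windows only: read just the probed locations from HKLM."""
    import winreg  # imported here so the module also loads on non-Windows hosts
    snap: Snapshot = {}
    for key in VBOX_ACPI_KEYS:
        try:
            winreg.CloseKey(winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, key))
            snap[key] = {}
        except OSError:
            pass
    for key, name in BIOS_VALUES + (UAC_VALUE,):
        try:
            with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, key) as h:
                value, _ = winreg.QueryValueEx(h, name)
        except OSError:
            continue
        snap.setdefault(key, {})[name] = value
    return snap


# Constructed snapshot of a VirtualBox guest with UAC on (illustrative values).
VBOX_GUEST: Snapshot = {
    r"HARDWARE\ACPI\DSDT\VBOX__": {},
    r"HARDWARE\ACPI\FADT\VBOX__": {},
    r"HARDWARE\DESCRIPTION\System": {
        "SystemBiosVersion": ["VBOX   - 1"],
        "VideoBiosVersion": ["Oracle VM VirtualBox Version 7.0.14 VBE Bios"],
    },
    UAC_VALUE[0]: {"EnableLUA": 1},
}
# Constructed snapshot of a physical host with UAC disabled (illustrative values).
BARE_METAL: Snapshot = {
    r"HARDWARE\DESCRIPTION\System": {
        "SystemBiosVersion": ["ACME - 1", "A1B2C3 (1.47)"],
        "VideoBiosVersion": ["Intel Video BIOS"],
    },
    r"HARDWARE\DESCRIPTION\System\BIOS": {"SystemManufacturer": "ACME", "SystemProductName": "Desk 7"},
    UAC_VALUE[0]: {"EnableLUA": 0},
}

if __name__ == "__main__":
    for label, snap in (("vbox guest", VBOX_GUEST), ("bare metal", BARE_METAL)):
        print(label, evaluate(snap))
    if sys.platform == "win32":
        print("this host", evaluate(snapshot_from_live_registry()))
```

    If `evaluate(snapshot_from_live_registry()).looks_virtualised` is true inside your analysis VM, the sample's anti-VM logic will see the same thing; hiding the `VBOX__` ACPI keys and the `VBOX`/`VIRTUALBOX` BIOS strings (VirtualBox exposes DMI/ACPI settings via `VBoxManage setextradata`) is the usual remedy before re-detonating.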

MITRE ATT&CK Enterprise v15

Tasks