General

  • Target

    0a8ab91fda6a2bd169d2db00f932d036108fabd8c258500e43b7c065f5c54724

  • Size

    3.1MB

  • Sample

    240407-3ya6psae75

  • MD5

    1ccd1672039426d9de8df5c69dad08a3

  • SHA1

    07990aeeeb42f49812a3eaec89826fecb4693e89

  • SHA256

    0a8ab91fda6a2bd169d2db00f932d036108fabd8c258500e43b7c065f5c54724

  • SHA512

    57f492014df735eda7097c7881cf593d11b6fdc4a9546d1ccb5b88cfce1705769f53426815b594a2f57c56c78dbcf27f6fd019be9e69b3f21403e1d4b0822f1a

  • SSDEEP

    98304:JQT3IPEDvtfRwVC7jdc+pgPbHuMsc1KpoKZdLs:JmAELtp3p4CMscEpoKZls

Malware Config

Targets

    • Target

      0a8ab91fda6a2bd169d2db00f932d036108fabd8c258500e43b7c065f5c54724

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks