General

  • Target: 7c3786257cbcd70df6af2f3db3857bc564c96dc3852a403d268c7133e0b65e02
  • Size: 3.2MB
  • Sample: 240407-tdxdrsgd48
  • MD5: eb15833366ce4fcbfa77771dfd7ea953
  • SHA1: 0071fbdcb9389bdab266b5b8e37c65726ad11853
  • SHA256: 7c3786257cbcd70df6af2f3db3857bc564c96dc3852a403d268c7133e0b65e02
  • SHA512: e63b419efad7e3b2da22eae60090efc698fca97865a65adb2ee18b83dafbc5f0017986970fe5bb384e71fbe89864a5426917dfe8a617aee5994e0c216b3ee2bf
  • SSDEEP: 98304:VCQplvZ+0BCYevFHLS9fDb7HlA+Lwn0e2htF0Beq:VCQLLBCYetQDb9E0eJh

Malware Config

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks