General

  • Target

    ddb4f3f09b1eb74ca609fd235d49fd844239ee88c279c4b3f8deeea239687e20

  • Size

    3.0MB

  • Sample

    240407-x7m9qscc7z

  • MD5

    3946750f0756689a64df8aded44f326a

  • SHA1

    fec4450d32bd79aa666b544e5c6701f7278b3cb0

  • SHA256

    ddb4f3f09b1eb74ca609fd235d49fd844239ee88c279c4b3f8deeea239687e20

  • SHA512

    913c8e2cc8f17c7978fb436e3239920a2bf0a7ae27e6002fb563f035ddcf7abd0d22e792f5cd408f09d062a0d6861683e5c46777c4685637a25ae193b0f7cf07

  • SSDEEP

    49152:Uu1Wb9/6ogh5UTIqyP/VKG9d+ug3S6YDge/1waaRUCBWmUcTO9vmBm1Uep4fiksc:Uu1WptEjf99CS6YN6azCBWmK4U13BGb

Targets

    • Target

      ddb4f3f09b1eb74ca609fd235d49fd844239ee88c279c4b3f8deeea239687e20

    • Size

      3.0MB

    • MD5

      3946750f0756689a64df8aded44f326a

    • SHA1

      fec4450d32bd79aa666b544e5c6701f7278b3cb0

    • SHA256

      ddb4f3f09b1eb74ca609fd235d49fd844239ee88c279c4b3f8deeea239687e20

    • SHA512

      913c8e2cc8f17c7978fb436e3239920a2bf0a7ae27e6002fb563f035ddcf7abd0d22e792f5cd408f09d062a0d6861683e5c46777c4685637a25ae193b0f7cf07

    • SSDEEP

      49152:Uu1Wb9/6ogh5UTIqyP/VKG9d+ug3S6YDge/1waaRUCBWmUcTO9vmBm1Uep4fiksc:Uu1WptEjf99CS6YN6azCBWmK4U13BGb

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15
