General

  • Target

    13ac8c41b140402cc63005b0322954bbb7342909528ccc37f728ebea858c8db4

  • Size

    3.0MB

  • Sample

    240408-aawtaaae21

  • MD5

    ef51fbfb964fb2fcf28024352ee6082f

  • SHA1

    edec26733302edfacc70d5f8bb950a9750d28adf

  • SHA256

    13ac8c41b140402cc63005b0322954bbb7342909528ccc37f728ebea858c8db4

  • SHA512

    f8d92748fad2707483e1d38dd7d8a0b34aebcf2e2bd02547eee3aea8d9e958fe45269c50506c0112fbebd8a9c203af486e7931f71ff8fa89d8b591fe307750a6

  • SSDEEP

    49152:XUwJPXxN7wstLHgyiUCr65PLW4Ez3fn0qgch2wO/bQxdjFDrK2H2xfELR6thTK0s:kMVtLdiUCGe3f0Xch2FcdjlW8l6tD/M

Malware Config

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks