General

  • Target

    7d46e613a371056559819d8358608147edc0ebb8c82b3343e9979e3692657de8.exe

  • Size

    3.0MB

  • Sample

    240408-b3vx5ada84

  • MD5

    d31b57fc3b846519584933936867501f

  • SHA1

    1e097a2f7eefe70177236f5653594593a460bf9f

  • SHA256

    7d46e613a371056559819d8358608147edc0ebb8c82b3343e9979e3692657de8

  • SHA512

    c05262e0621d84543f353151d9906b5f8a975c6abc1d4c5e804c855fcd5f3c0c3deaf54727f93615277e74ec206ac63b6086ce01805d2c6f84a515673c24b37c

  • SSDEEP

    49152:GQHVUY8LOrlUVBoiQO9ZPMJMbZAv/WwGW0s8Yrj33CNOJpvk0MJLuYFGHPh0C3wk:GQHV8arlUMiQO8JMbZ7m5CA5fMJ6p1RZ

Malware Config

Targets

    • Target

      7d46e613a371056559819d8358608147edc0ebb8c82b3343e9979e3692657de8.exe

    • Size

      3.0MB

    • MD5

      d31b57fc3b846519584933936867501f

    • SHA1

      1e097a2f7eefe70177236f5653594593a460bf9f

    • SHA256

      7d46e613a371056559819d8358608147edc0ebb8c82b3343e9979e3692657de8

    • SHA512

      c05262e0621d84543f353151d9906b5f8a975c6abc1d4c5e804c855fcd5f3c0c3deaf54727f93615277e74ec206ac63b6086ce01805d2c6f84a515673c24b37c

    • SSDEEP

      49152:GQHVUY8LOrlUVBoiQO9ZPMJMbZAv/WwGW0s8Yrj33CNOJpvk0MJLuYFGHPh0C3wk:GQHV8arlUMiQO8JMbZ7m5CA5fMJ6p1RZ

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Detects executables packed with Themida

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks