General

  • Target

    49913c1bb41059433906b587f46f4c69.bin

  • Size

    3.0MB

  • Sample

    240408-bmr7ascc9w

  • MD5

    d0185ac482cf68eaf4479801c45c0b45

  • SHA1

    965d592a9db36d2e321b5e8153bca25c3d054732

  • SHA256

    75600918dba0b1dbccbaa64dd4010f1c1a195af54e50eafc7ac9ad64894d93ca

  • SHA512

    c861e292489e1d76c0dbf2fe7380259f365bea17ccb358fa489686cb82533407d479d7e7ad9133c94e7b4116320b1f4a2d7ff73c1177241e9ed8fc2a0a0edfe2

  • SSDEEP

    49152:MkNpLZyGIqWUo81dmpptNs+ndqaprz7zsBe0aWASrMmCqRic5n10nGEd:MkNxZZIqHo81dWpDsfyn7YHuKic56d

Malware Config

Targets

    • Target

      463d722db75e65d2675128edafde29263152486af2675ad753360019fd57de56.exe

    • Size

      3.0MB

    • MD5

      49913c1bb41059433906b587f46f4c69

    • SHA1

      4cf16a7b843ada8c8f771c0d671980676033da9c

    • SHA256

      463d722db75e65d2675128edafde29263152486af2675ad753360019fd57de56

    • SHA512

      1d161569ae7ccf77367d8c764544536d7a288a6b535df963262d6daf7850239890e84049e81f95e1fb8387b9d26df3808e20343d5e6b69ffc873e8e483baabe1

    • SSDEEP

      49152:oYU5KjjgboKOOMdESyDxC/PUrxMXsRNX8fYDU4brpuVNunoKKJbG2u0gUhD:9NjkddoPOO8RNsfYDXbN8Nunn2DgUhD

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS vendor and product strings in the registry are often read to fingerprint virtualised or sandboxed environments. Legitimate installers and telemetry agents read the same values, so on its own this is a weak signal; it carries weight here because it appears alongside the VirtualBox ACPI check.

    • Themida packer

      Detects Themida, a commercial Windows software protector. The original code is only available after unpacking (typically by dumping it from memory at runtime), so static analysis of the file on disk will show the protector, not the stealer.

    • Checks whether UAC is enabled
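
The three registry-based behaviours above reach a sandbox as RegOpenKey/RegQueryValue events. The Python below is an added example, not output of the sandbox or code from the sample, that maps such events back onto the signature names used in this report. It assumes a constructed pipe-delimited trace format (`pid|operation|key|value`, not any real tool's output) and relies on the well-known artifacts behind each check: the `VBOX__` ACPI table keys under `HKLM\HARDWARE\ACPI`, the vendor and product strings under `HKLM\HARDWARE\DESCRIPTION\System\BIOS`, and the `EnableLUA` value under `HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System`. The value-name filter on the BIOS and UAC rules is deliberate: merely opening those keys is routine, so only a read of the telltale values is scored, while any access to a `VBOX__` key counts because the key exists only on VirtualBox guests.

```python
"""Map registry events from a sandbox trace onto the anti-VM / UAC
signatures listed in the report.

Trace format (constructed for this example, not a real tool's output):
    <pid>|<operation>|<key path>|<value name, empty for key-only access>
"""
import re
from collections import defaultdict

# Signature name, key-path regex (after hive normalisation), and the value
# names that count as evidence; None means any access to the key counts.
RULES = (
    ("Identifies VirtualBox via ACPI registry values",
     re.compile(r"^HKLM\\HARDWARE\\ACPI\\(DSDT|FADT|RSDT)\\VBOX__$", re.I),
     None),
    ("Checks BIOS information in registry",
     re.compile(r"^HKLM\\HARDWARE\\DESCRIPTION\\System\\BIOS$", re.I),
     {"systemmanufacturer", "systemproductname", "biosvendor", "biosversion"}),
    ("Checks BIOS information in registry",
     re.compile(r"^HKLM\\HARDWARE\\DESCRIPTION\\System$", re.I),
     {"systembiosversion", "videobiosversion"}),
    ("Checks whether UAC is enabled",
     re.compile(r"^HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System$", re.I),
     {"enablelua"}),
)

# Hive spellings used by Sysmon, Procmon and kernel-level traces.
_HKLM_ALIASES = ("\\REGISTRY\\MACHINE\\", "HKEY_LOCAL_MACHINE\\")


def normalize_key(key: str) -> str:
    """Fold HKLM aliases to 'HKLM\\' and drop a trailing backslash."""
    key = key.strip().rstrip("\\")
    upper = key.upper()
    for alias in _HKLM_ALIASES:
        if upper.startswith(alias):
            return "HKLM\\" + key[len(alias):]
    return key


def match_signatures(key: str, value: str) -> set[str]:
    """Signature names triggered by a single registry access."""
    key = normalize_key(key)
    hits = set()
    for name, key_re, values in RULES:
        if key_re.match(key) and (values is None or value.lower() in values):
            hits.add(name)
    return hits


def parse_event(line: str):
    """Split one trace line; a missing value field means key-only access."""
    parts = line.split("|", 3)
    if len(parts) < 3:
        raise ValueError(f"malformed event: {line!r}")
    value = parts[3] if len(parts) > 3 else ""
    return int(parts[0]), parts[2], value


def triage(lines) -> dict[int, dict[str, list[str]]]:
    """Per PID, the signatures fired and the key\\value that fired each."""
    report = defaultdict(lambda: defaultdict(list))
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        pid, key, value = parse_event(line)
        evidence = normalize_key(key) + ("\\" + value if value else "")
        for sig in match_signatures(key, value):
            report[pid][sig].append(evidence)
    return {pid: dict(sigs) for pid, sigs in report.items()}


# Constructed trace: PID 4120 behaves like the report above, PID 7788 only
# reads the BIOS vendor string, which many installers also do.
SAMPLE_EVENTS = r"""
# pid|operation|key|value
4120|RegOpenKey|HKLM\HARDWARE\ACPI\DSDT\VBOX__|
4120|RegQueryValue|HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\BIOS|SystemManufacturer
4120|RegQueryValue|HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\BIOS|SystemProductName
4120|RegQueryValue|\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA
4120|RegQueryValue|HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion|ProductName
7788|RegQueryValue|HKLM\HARDWARE\DESCRIPTION\System\BIOS|SystemManufacturer
""".splitlines()

if __name__ == "__main__":
    for pid, sigs in sorted(triage(SAMPLE_EVENTS).items()):
        print(f"PID {pid}")
        for sig, evidence in sigs.items():
            print(f"  {sig}")
            for item in evidence:
                print(f"    {item}")
```

Run as a script it prints all three signatures for PID 4120 and only the BIOS one for PID 7788; the ProductName read under `Windows NT\CurrentVersion` is ignored because no rule covers it. To use it on a real trace, replace the constructed `SAMPLE_EVENTS` with lines in the same four-field layout.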

MITRE ATT&CK Enterprise v15

Tasks