General

  • Target

    95e1c06bb012cf8359da1ba5f91bd15d.bin

  • Size

    3.0MB

  • Sample

    240408-bx8xssch54

  • MD5

    515ca4158cf3eb8a98d42051f6cd91e2

  • SHA1

    77aed23ecb7786270027f4a3ac74ac876f0b70e4

  • SHA256

    6fc5bcb07940c5c981af861c581ff6794cdef4706f2fd8cc371805a61664e588

  • SHA512

    c7a9d2dddcab19fbbf0752771399a26e0f54d4591631abf5053dc4fcabe9b079da247401c826d3b86911a3f1c8786aba12b6401c2c32cdd6a80d6461a9f1086c

  • SSDEEP

    98304:o3pSo+RbGnZzX1HsslQDxAWYpITrm5vLBOOY:o2UnpX1/OFAjRvLB+

Malware Config

Targets

    • Target

      4693f044ca841912f80f24f96a613af65403a6317b2f2edfbfcae0bfb97d84ef.exe

    • Size

      3.1MB

    • MD5

      95e1c06bb012cf8359da1ba5f91bd15d

    • SHA1

      ff967b22ad384b8dbde80ab0f0982fdecb6b4bf9

    • SHA256

      4693f044ca841912f80f24f96a613af65403a6317b2f2edfbfcae0bfb97d84ef

    • SHA512

      829ac195948601164a09ad23f6a13a6b3a85ac6fb517f3826aa57ee97b7d6d673f22e19f210a24598d02d10d12f0e45a9b95f1f83da08484057c0db117fbd672

    • SSDEEP

      49152:cdatctLWAmyqN1Fu2V3eqYbVIbaHjqVEwoXMSnH4X+nDmqC5ppzzQiZ:cdatcJpmyQXpUOCqG7MSH4XME5TnQiZ

    • RisePro

      RisePro is an information stealer, commonly delivered as a payload of the PrivateLoader pay-per-install service.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled
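
The three registry-based signatures above (VirtualBox ACPI table names, BIOS strings, and the UAC policy value) all boil down to reading a handful of HKLM keys and looking for hypervisor vendor strings. The Python below is an added illustration of that logic, written for this page; it is not code recovered from the sample and not the sandbox's own signature engine. It evaluates the checks against a hand-constructed registry "snapshot" (a plain dict) rather than the live registry, so it runs on any OS; the vendor marker strings and the two example snapshots are assumptions chosen to match what a VirtualBox guest and a physical Dell host typically expose.

```python
"""Emulates the registry-based anti-VM and UAC checks listed in the report.
Added example: the registry snapshots are constructed by hand, not real data."""

# Registry locations commonly read by VM-detection code.
ACPI_TABLE_KEYS = [
    r"HKLM\HARDWARE\ACPI\DSDT",
    r"HKLM\HARDWARE\ACPI\FADT",
    r"HKLM\HARDWARE\ACPI\RSDT",
]
BIOS_KEY = r"HKLM\HARDWARE\DESCRIPTION\System\BIOS"
SYSTEM_KEY = r"HKLM\HARDWARE\DESCRIPTION\System"
UAC_KEY = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"

# Case-insensitive substrings that identify a hypervisor (assumed marker list).
VM_MARKERS = {
    "VirtualBox": ("vbox", "virtualbox", "innotek", "oracle vm"),
    "VMware": ("vmware",),
    "Hyper-V": ("hyper-v", "virtual machine"),
    "QEMU": ("qemu", "bochs"),
}


def _vendor_of(text):
    """Return the hypervisor name whose marker appears in text, else None."""
    low = text.lower()
    for vendor, markers in VM_MARKERS.items():
        if any(m in low for m in markers):
            return vendor
    return None


def check_acpi_tables(snapshot):
    """Subkeys under HKLM\\HARDWARE\\ACPI\\{DSDT,FADT,RSDT} carry the OEM ID from
    the ACPI table header; a VirtualBox guest exposes a subkey named 'VBOX__'."""
    hits = []
    for key in ACPI_TABLE_KEYS:
        for sub in snapshot.get(key, {}).get("subkeys", []):
            vendor = _vendor_of(sub)
            if vendor:
                hits.append((key + "\\" + sub, vendor))
    return hits


def check_bios_values(snapshot):
    """SystemManufacturer, SystemProductName, BIOSVendor under the BIOS key and
    SystemBiosVersion / VideoBiosVersion (REG_MULTI_SZ) one level up."""
    hits = []
    for key in (BIOS_KEY, SYSTEM_KEY):
        for name, data in snapshot.get(key, {}).get("values", {}).items():
            text = " ".join(data) if isinstance(data, list) else str(data)
            vendor = _vendor_of(text)
            if vendor:
                hits.append((key + "\\" + name, vendor))
    return hits


def uac_enabled(snapshot):
    """EnableLUA == 1 means UAC is on; a missing value means the default (on)."""
    val = snapshot.get(UAC_KEY, {}).get("values", {}).get("EnableLUA", 1)
    return int(val) == 1


def assess(snapshot):
    """Combine the checks into the verdict an anti-analysis routine would act on."""
    acpi = check_acpi_tables(snapshot)
    bios = check_bios_values(snapshot)
    vendors = sorted({v for _, v in acpi + bios})
    return {
        "virtual_machine": bool(vendors),
        "vendors": vendors,
        "indicators": acpi + bios,
        "uac_enabled": uac_enabled(snapshot),
    }


# Constructed snapshot of a default VirtualBox guest (values are typical, assumed).
VBOX_GUEST = {
    r"HKLM\HARDWARE\ACPI\DSDT": {"subkeys": ["VBOX__"]},
    r"HKLM\HARDWARE\ACPI\FADT": {"subkeys": ["VBOX__"]},
    r"HKLM\HARDWARE\ACPI\RSDT": {"subkeys": ["VBOX__"]},
    BIOS_KEY: {"values": {
        "SystemManufacturer": "innotek GmbH",
        "SystemProductName": "VirtualBox",
        "BIOSVendor": "innotek GmbH",
    }},
    SYSTEM_KEY: {"values": {
        "SystemBiosVersion": ["VBOX   - 1"],
        "VideoBiosVersion": ["Oracle VM VirtualBox Version 6.1.0 VGA BIOS"],
    }},
    UAC_KEY: {"values": {"EnableLUA": 1}},
}

# Constructed snapshot of a physical host with UAC switched off (hypothetical).
PHYSICAL_HOST = {
    r"HKLM\HARDWARE\ACPI\DSDT": {"subkeys": ["DELL__"]},
    BIOS_KEY: {"values": {
        "SystemManufacturer": "Dell Inc.",
        "SystemProductName": "Latitude 5420",
    }},
    UAC_KEY: {"values": {"EnableLUA": 0}},
}

if __name__ == "__main__":
    for label, snap in (("vbox guest", VBOX_GUEST), ("physical host", PHYSICAL_HOST)):
        print(label, assess(snap))
```

The same value names are what a sandbox operator changes when hardening a VirtualBox analysis VM: if the DMI vendor/product strings and the ACPI OEM ID no longer contain VirtualBox markers, a check like the one above returns no indicators and the sample proceeds to its real payload.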

MITRE ATT&CK Enterprise v15

Tasks