General

  • Target: WaveTrial.zip
  • Size: 192.5MB
  • Sample: 240409-c2k7zabh68
  • MD5: 5efdd951e8daa21e05ba9247fe88fece
  • SHA1: 0a77942e3fdc68de38cdab027b26b97df80d5cd3
  • SHA256: 06878ecd45a53d1d4882153d4310c3b485dd57497a6c39426f174c8974586f5b
  • SHA512: 9d591eb2843ef805004826434e156fc45f2f1fda30ca0e56b0387a269272907df73983ac0a4c78c4965ac27e9849542c42b8bb7e7a8a46c0b2daa57aaa7849b1
  • SSDEEP: 3145728:ir+j11jo5vSXno3Kdr0HeMVnCcDqOKLft+7f13LiDennNVp0jDW6QeKv/063gaY:iiboadruVCdO913OCp0cFXt3U

Malware Config

Targets

    • Target: WaveTrial/WaveTrial/Injector.exe
    • Size: 3.4MB
    • MD5: c6b39ee166d5b0a2c8a9021ccd1593ae
    • SHA1: e480e7c282f64e8b0179c82afe154dd59d14217d
    • SHA256: 443b665c5f545a2bdd7855f86bf70a5ee7f35eda1b6b08615161f5809cbda02b
    • SHA512: 3864aea36c522ca5658412128e6a4c862a647cf3b1054b9adbe418488590a37600d7639c3eba94ca9de76f087b244b95644c667213b1122889cf2d9b7a4652d2
    • SSDEEP: 49152:Kl0nJ28J4VZohYWVGGjW8NhSU7zwo8oXJ2R3KPHsI7coj2J+eNgRpqNc1a:KmnJrJ4DohYWVTJNkIZZ2R6vsmA+FDqN

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target: WaveTrial/WaveTrial/Wave.exe
    • Size: 7.0MB
    • MD5: a8bd4a6b2f1d00928e61870a5688c13d
    • SHA1: e17646d5279534f2e3eb0e0cfc8b6c536bc0c095
    • SHA256: 2c51f67e236cf95e2d51df4178699da09869ab077924cff0b3df1c512878ef2f
    • SHA512: 6b5175beea4071668c87b16af3177bbb2cbaff6b28909dc1e09ad5b16b449c62d6adc372a0094de627fe9835f0c474d16708c3f698355ba1664bf321fa19f5fb
    • SSDEEP: 98304:37//YITF8r2n8TevxbFKVlXk34tZ+t4+aNG5Lhd+2G4Op0cN+hmdYkvsFLL:37//1xBVqvG5dQ2m0cN+hmdYkvsFLL

    Score: 1/10

MITRE ATT&CK Enterprise v15

Tasks