General

  • Target

    7aca152e7040f43dae201cfe01ce37b4.exe

  • Size

    7.7MB

  • Sample

    240409-hsm8vscc7t

  • MD5

    7aca152e7040f43dae201cfe01ce37b4

  • SHA1

    83eb2fa2d400f96b241e61f81e4d80317eea0200

  • SHA256

    ce602c6700032c737e7f29dc604f3b92f4a78217b5d3970e1666aab998443c50

  • SHA512

    84415dcc06c965ef9cf159a06e492efe37e48ce7e6c55c514ef7c17c9782ee20faeed3fc18e1517711fc83a9fa337f84c0f2a45c10d85d8b3ea826c6b5c472d4

  • SSDEEP

    196608:36daVHmaaDRVjdpOEMIUfEB92uOnffW1zPkHS3:KMHmauRNdUvIUfEun3ws+

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks