General

  • Target

    15ad3e2735a18db22be6a1678342ce95e037bef0fa2e6a15d64c8afa2aebb8b2

  • Size

    3.0MB

  • Sample

    240411-183ycsac3y

  • MD5

    73891eb48419cad96c3ed4998f8a605c

  • SHA1

    24ef337fb31320a5e486c560349b03d9d31fd3f9

  • SHA256

    15ad3e2735a18db22be6a1678342ce95e037bef0fa2e6a15d64c8afa2aebb8b2

  • SHA512

    a5f00e98b44e27082c8e77602bc4ce73599d8784412265a1d1607022cf12437b7744d280b8daa965dd909f83d4e5c784ab1777d24b07278c3b380c904ba9c030

  • SSDEEP

    98304:RpYjpkMXF8Rrr+nSrQHndI/PVDPoYKKayHt3xdBofr:RokMXyBr+S0+FDo031c

Malware Config

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks