General

  • Target

    14e61ba0ca8ea4bd0f86e0acbaabcf74c8a171edf1d35ad45de1328f898dfc06

  • Size

    3.2MB

  • Sample

    240411-18xfksac21

  • MD5

    e94a69db22d6fb32c5eb79ba623b1125

  • SHA1

    cf3a760f4da1255a6b852ec10a6cb941382aef1c

  • SHA256

    14e61ba0ca8ea4bd0f86e0acbaabcf74c8a171edf1d35ad45de1328f898dfc06

  • SHA512

    826b52ef648de8a7bad9918a07646bed4c219e9c7506ed4afb11c8c07b0acd30b8e26abd5be3f38fe97cb5eb648b968bd0543b48389785d8fea434db3e5862d0

  • SSDEEP

    49152:Gpo0RpTw9bQNgPxiO1Oz31EcDZnK1o3pURJZeWsQUQkgWaKg5JF7sHPBBzR:WoApTw9c+mScDHZUAjQjJF7G

Malware Config

Targets

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks