General
-
Target
148705bd22edae7c8cd1ed96ddd298cf49222a6f4057d0cf2e9bc100755db9bc
-
Size
2.5MB
-
Sample
240412-xms99adb22
-
MD5
7129024da28ccee803057e1ce63cb711
-
SHA1
296962dcc62caf166e54d0984e4d399e01645ae2
-
SHA256
148705bd22edae7c8cd1ed96ddd298cf49222a6f4057d0cf2e9bc100755db9bc
-
SHA512
99d8e843b0560a53ae617ebf571526fa32e8ab2cea4b97198f82e08bb5e3309bab84f9a37da130ececcac0f86252e556fddcb6a76856e95a4015cd2851ddf40e
-
SSDEEP
49152:hxmvumkQ9lY9sgUXdTPSxdQ8KX75IyuWuCjcCqWOyxL:hxx9NUFkQx753uWuCyyxL
Behavioral task
behavioral1
Sample
148705bd22edae7c8cd1ed96ddd298cf49222a6f4057d0cf2e9bc100755db9bc.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
148705bd22edae7c8cd1ed96ddd298cf49222a6f4057d0cf2e9bc100755db9bc.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
148705bd22edae7c8cd1ed96ddd298cf49222a6f4057d0cf2e9bc100755db9bc
-
Size
2.5MB
-
MD5
7129024da28ccee803057e1ce63cb711
-
SHA1
296962dcc62caf166e54d0984e4d399e01645ae2
-
SHA256
148705bd22edae7c8cd1ed96ddd298cf49222a6f4057d0cf2e9bc100755db9bc
-
SHA512
99d8e843b0560a53ae617ebf571526fa32e8ab2cea4b97198f82e08bb5e3309bab84f9a37da130ececcac0f86252e556fddcb6a76856e95a4015cd2851ddf40e
-
SSDEEP
49152:hxmvumkQ9lY9sgUXdTPSxdQ8KX75IyuWuCjcCqWOyxL:hxx9NUFkQx753uWuCyyxL
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Detects executables packed with Themida
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2Virtualization/Sandbox Evasion
1