5d1423f10ec6fb19bf73a7b4f1fff7613eea84bbdf793aca0d71969e60216ac6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

huloader.exe
Size

7.5MB
Sample

240512-c58gnscf2t
MD5

95c285c0f316edd795e79bc51256807c
SHA1

5f2abd563f083d236f5a8f313549f69728e795d3
SHA256

5d1423f10ec6fb19bf73a7b4f1fff7613eea84bbdf793aca0d71969e60216ac6
SHA512

1d582555fbf845b17eb32e2fca5fe84d2b55a763c2bb0b5a22d71e7917796c2522055a15cc664d8e0bce4acbec88eecc5be292a618345e1e782e65454aa6d86e
SSDEEP

196608:h5iDTVrEkqmtQqDXbEY1hWdNxLy+0MAHNqX+:HilrwbqDLr3+VY

Score

9^/10

evasion trojan

Malware Config

Targets

- Target
  
  huloader.exe
- Size
  
  7.5MB
- MD5
  
  95c285c0f316edd795e79bc51256807c
- SHA1
  
  5f2abd563f083d236f5a8f313549f69728e795d3
- SHA256
  
  5d1423f10ec6fb19bf73a7b4f1fff7613eea84bbdf793aca0d71969e60216ac6
- SHA512
  
  1d582555fbf845b17eb32e2fca5fe84d2b55a763c2bb0b5a22d71e7917796c2522055a15cc664d8e0bce4acbec88eecc5be292a618345e1e782e65454aa6d86e
- SSDEEP
  
  196608:h5iDTVrEkqmtQqDXbEY1hWdNxLy+0MAHNqX+:HilrwbqDLr3+VY
Score

9^/10

evasion trojan
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2