General

  • Target

    MCC Loader Premium.exe

  • Size

    79.6MB

  • Sample

    240608-xsm1esff64

  • MD5

    2d28a8e4bcde6629197d48a8f2a848ee

  • SHA1

    1f41a3aa7739ae5656f4dc6e09e44da5999a8af6

  • SHA256

    aafd0f1e73d513b15e7a1c45e573b9f301b8f064025eea5dfca62085676e2449

  • SHA512

    6e863d9a7e567a77da7ca536d89520ef7afe12a1ac0789e66fbb8a5cf0d73bc05f1e020595c6b08ce435a5b300a1bb99f118b33adc6695251bc5fe1f4f249571

  • SSDEEP

    1572864:5QARYQt1nXnFP/V4f6Gj53ikjt4jRq2GqFOPV5nTQJl2qHWB75iltJWA2Uc3UFQQ:5QAmSt/VG6RmtCRlGPrnel2qHO5ivJvX

Malware Config

Targets

    • Target

      MCC Loader Premium.exe

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Loads dropped DLL

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks