Resubmissions

19-06-2024 23:19

240619-3a83tswfkc 10

19-06-2024 23:16

240619-29c9rs1blr 10

General

  • Target

    EnigmaSpf.zip

  • Size

    8.4MB

  • Sample

    240619-29c9rs1blr

  • MD5

    3e2344ca5a2ebb0742b990a09de3143c

  • SHA1

    320f2f2b6acab37c096c6d02978c93032b0d2a2d

  • SHA256

    cfc6d572bd3b9eb1ac7781cfcfc60a1b5c536d1d169d7f19e51298b82df1ed4e

  • SHA512

    afa90edc411de29327f8e78440a64010c20ce8f8d62950f320ce7fd23abe66bde03a64385199356315ac12dcaf4f90f46a6a44c58181c0c6cd7096dbe73da183

  • SSDEEP

    196608:PC+LxQOKIYVkQFsNO5srrI71WdcR9PL+hrg2fZ1sCcyzp38HWad611G+N9:a+t9NO5sY4d48jriyG29ZN9

Targets

    • Target

      EnigmaSpf.exe

    • Size

      9.4MB

    • MD5

      e5bd3f963b6f706c2b03d31b0fdb4e39

    • SHA1

      b6f11c279926da98a1bc3a9dcdac593e0302ab17

    • SHA256

      5ce97ad436f6aa47546f8f9866d4918d9681c060bd3051c18bb8c3d8850c13c5

    • SHA512

      cd4ad986ee4ed214ff6ce3f1759e2c6385484ef16f94c3a4cb22c5812d98f189ff1ae1f3b2cc09b2168f4e962d952ccebbb8e136d1ccf124b6dd5867ec55a937

    • SSDEEP

      196608:dyWHQXwuLSXurErvI9pWjgN3ZdahF0pbH1AYSEp1CtQsNI/SBmU:dtDXurEUWjqeWxQX6nWv

    Score
    9/10
    • Looks for VirtualBox Guest Additions in registry

    • Stops running service(s)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Target

      8�C�� .pyc

    • Size

      1KB

    • MD5

      aa665273afcc69a116efd6e472a08b10

    • SHA1

      c9f4411477ac7ffc68cfb45f0dc9cb7883efac73

    • SHA256

      f0fafe0aefe5eb08b9aeef4307e915e49d04d93534db6b5b62d74e69b9e9134b

    • SHA512

      8e616b2382b9af2b10a90131612b52b5d073c2b827f757f626f9c15b920f7eb2573f6099692fd60ea80e4aab8f8fa817f728c5123ec06acedbaa2c4d0a33fba0

    Score
    1/10
