General

  • Target

    EnigmaSpf.exe

  • Size

    9.4MB

  • Sample

    240619-2z57sszgjr

  • MD5

    e5bd3f963b6f706c2b03d31b0fdb4e39

  • SHA1

    b6f11c279926da98a1bc3a9dcdac593e0302ab17

  • SHA256

    5ce97ad436f6aa47546f8f9866d4918d9681c060bd3051c18bb8c3d8850c13c5

  • SHA512

    cd4ad986ee4ed214ff6ce3f1759e2c6385484ef16f94c3a4cb22c5812d98f189ff1ae1f3b2cc09b2168f4e962d952ccebbb8e136d1ccf124b6dd5867ec55a937

  • SSDEEP

    196608:dyWHQXwuLSXurErvI9pWjgN3ZdahF0pbH1AYSEp1CtQsNI/SBmU:dtDXurEUWjqeWxQX6nWv

Targets

    Score: 9/10

    • Looks for VirtualBox Guest Additions in registry

    • Stops running service(s)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks