57bbac0b105a032a941e026e6fbfce38fafc7076807d59ed0e5fe84aeeb52c58 | Triage

Submit
Reports

Overview

overview

9

Static

static

3

Echo.rar

windows11-21h2-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

Echo.zip
Size

9.8MB
Sample

240809-zzrcjatand
MD5

823581ad88ce7ba0b472029f964315c1
SHA1

58e79005262a8ef6733daca8fe2f77625776dcf0
SHA256

57bbac0b105a032a941e026e6fbfce38fafc7076807d59ed0e5fe84aeeb52c58
SHA512

f3969fe4e48d5fee76d5abeba8bcfb0e716948f9e46ce6eec71637d06d1a631c06547fb5eac8a068153df5beb16eb7e167c6a787239f9ca0623c72d235f4293c
SSDEEP

196608:/eXcfTeTUASL3pqVvHzFt7sczPC+CCL0xMQDgCMhDJahxFiQJheXf/mSZWzGdF8W:WsfTmSLZWfBtZq+5WDgCMMx0EcZ0Etr7

Score

9^/10

discovery evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Echo.rar

Resource

win11-20240802-en

discovery evasion trojan

windows11-21h2-x64

21 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Echo.rar
- Size
  
  9.8MB
- MD5
  
  def6a41693abf6866d1b6e156356ba41
- SHA1
  
  58a8b0330665a15a28cafb5b658816dd42e838eb
- SHA256
  
  839405fab88991656929ad868ecf90ca1f8bb064d60721711457399fcb4a34e2
- SHA512
  
  7daf710f6f44683e958ad23988f0b02e67ce8726ec113d2d1767c3dea8591c85c9105b542269cf489b0f37aaa56ce63b728ee25e295f9692cb6d8b13b528e614
- SSDEEP
  
  196608:mKA3QpdKhGaIL9h+59ltPh6atEfo+MituxqQNiCOhtL0nDPWQT9ovDrisZW16PPI:oApdGILXePPrEQ+VoNiC2ID+ue70s/rc
Score

9^/10

discovery evasion trojan
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

© 2018-2025

Terms | Privacy