General

  • Target

    Desktop.zip

  • Size

    12.6MB

  • Sample

    240905-pxlzxssaja

  • MD5

    75a018767a4b227ca4f0a266db47d719

  • SHA1

    9f21ff832652b5d7c1a8dc6870d8c319db94ce54

  • SHA256

    97c6723ea88d4eb74a322f55cc2c2265c4d7415df2b194d0252ee773a3ea8137

  • SHA512

    63cb7544b0f7dda6b713cd8d6736c94b2329cf264387eacf0879739ffb0ce03adfadd2bb169322a003180936be08ee7b4c40673cd8df413909a82675e77737e2

  • SSDEEP

    196608:nv7uwLt3RbvyhPjYtZOEp7sQFuQc77ycA28tydblzkoULsEptk4AZ/aeZz/YCX:v7jLtBb4U6IYD7ycvv9EsEL6JN5wCX

Score
9/10

Targets

    • Target

      D3DCompiler_43.dll

    • Size

      2.4MB

    • MD5

      ada0c39d4eacdc81fd84163a95d62079

    • SHA1

      207321f1b449985b2d06ed50b989fa6259e4eb8e

    • SHA256

      44c3a7e330b54a35a9efa015831392593aa02e7da1460be429d17c3644850e8a

    • SHA512

      1afc63db5d2030b76abc19094fc9fef28cc6250bd265294647e65db81f13749c867722924460f7a6021c739f4057f95501f0322cdec28a2101bf94164557a1a5

    • SSDEEP

      49152:zf59zPxKcvHzDB6t3+C0/aJfyLg7Ie4Xy+5j4m2CTB:M2642o7lftd

    Score
    1/10

    • Target

      D3DX11_43.DLL

    • Size

      270KB

    • MD5

      9d6429f410597750b2dc2579b2347303

    • SHA1

      e35acb15ea52f6cd0587b4ca8da0486b859fd048

    • SHA256

      981e42629df751217406e7150477cddc853b79abd6a8568a1566298ed8f7bd59

    • SHA512

      46cbfb1e22c3f469bdc80515560448f6f83607fd6974bb68b9c7f86ca10c69878f1312b32c81c0f57b931c43bad80bd46bdf26ab4ffb999abb0b73de27ad7c56

    • SSDEEP

      3072:iCWVWFOaVgP7BzvjYlTc91N6Vkg4eK6DvDBcMqpcJbMYBu1+Iz54+vJq9o:EWw4gPdz7YlTc91i1DLopYMvIIO

    Score
    1/10

    • Target

      build.exe

    • Size

      11.5MB

    • MD5

      80b649dd7217d2dec012737e3043f9cd

    • SHA1

      b363f80e300560f60784f2e152b9227f174107ae

    • SHA256

      ee849ec066ffb5f9206ee2c6a0fcfaa5033bed93168210a665e479a4502f496a

    • SHA512

      6a0107c98434c61a935bf223d302dd3811a6eea9f14e56c8325b367faf5670e4e1168e0a410b5bc387e9041aea1d63294e20ab168afdb125cf6400bc89e55bbb

    • SSDEEP

      196608:WoF/rc9ytclId9zCPajNxVeyrM/A72vLMs4O9p+8avsyQzIfcxAYs0jdokFFr:WoFDqPG9VNxDA/A72iC+vL2IkxAYPFr

    Score
    9/10

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger
