Overview

overview

9

Static

static

3

45c8fadbc4...3N.exe

windows7-x64

9

45c8fadbc4...3N.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    45c8fadbc4ffceb35901be762d4ac3a1381c8a72121e7bb20167b9a0a087d303N.exe

  • Size

    1.8MB

  • Sample

    240925-1ttq5sshnc

  • MD5

    dd423589244daa6d2710aeda78a95cd0

  • SHA1

    4d007d6895731c87c820971be427c9739978ee6c

  • SHA256

    45c8fadbc4ffceb35901be762d4ac3a1381c8a72121e7bb20167b9a0a087d303

  • SHA512

    7bac06f37926e58a93ce4ca7eec0d08fb9ecb811ebb0e8e522f8ec5702f5fcdb9cac2e3ff1a8373a079ef77f446048c96bfe3a8b3ac2434ae4661e54450f40aa

  • SSDEEP

    49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig

Score
9/10
discoveryevasiontrojan

Malware Config

Targets

    • Target

      45c8fadbc4ffceb35901be762d4ac3a1381c8a72121e7bb20167b9a0a087d303N.exe

    • Size

      1.8MB

    • MD5

      dd423589244daa6d2710aeda78a95cd0

    • SHA1

      4d007d6895731c87c820971be427c9739978ee6c

    • SHA256

      45c8fadbc4ffceb35901be762d4ac3a1381c8a72121e7bb20167b9a0a087d303

    • SHA512

      7bac06f37926e58a93ce4ca7eec0d08fb9ecb811ebb0e8e522f8ec5702f5fcdb9cac2e3ff1a8373a079ef77f446048c96bfe3a8b3ac2434ae4661e54450f40aa

    • SSDEEP

      49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig

    Score
    9/10
    discoveryevasiontrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks