1005d1262f355c963be3c8c056af74842b3c495d688ca3a6d4a31132f94d34cf | Triage

Resubmissions

02-10-2024 22:41

241002-2l6leavdlb 9

27-09-2024 21:32

240927-1d47ya1aqr 10

Sharing

General

Target

Bitdancer.zip
Size

17.3MB
Sample

241002-2l6leavdlb
MD5

c24175bfbe6fee48d701ffc2da8c3559
SHA1

1bd15d8eda30a6e5c7446d3716f179cf0c397ecc
SHA256

1005d1262f355c963be3c8c056af74842b3c495d688ca3a6d4a31132f94d34cf
SHA512

c94cf2729591f9854376f15598fd02b2bfd820e556356f5554bf98e73db9843db54e4b654bffe56cb3ef519f184a4123dff6c6f0cfa7e83891bb7ad1620b2fbe
SSDEEP

393216:1stg0BGL8wdRZRRniYhGpiDBM3Pi+Dy+SSccDI0v7oMBC:1sQL88b/qK2SC80v7oMBC

Score

9^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  MintInjector.exe
- Size
  
  17.4MB
- MD5
  
  22dcf4ed5ce31a50c15bd16113fd6c7e
- SHA1
  
  31dfeb4789fec61bad5209717ae1735f728fb7b2
- SHA256
  
  b28095f6724149b7e9db71ce78d101e7ee2dd3c8f066a9973ef20929ae6a25c0
- SHA512
  
  f79424942f26f05d49ef742445ef5e7cf9612c1f18de7365d118d4d5c311ac55924b129889ad78d5d3d66891fb985667b6b9439f3a7eb59fcd69010d47944f20
- SSDEEP
  
  393216:BO05grJxw1ubDqIIZRjgV3Qam6w06q1u3Oiqg5ltotcex6j:BOpx7qIGjUQ066Pg5lXexq
Score

9^/10

evasion trojan
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2
- Target
  
  mintAPI.dll
- Size
  
  4KB
- MD5
  
  93b3532685280e8478b00946fb56d8ae
- SHA1
  
  0e05917c94cb9d8669ed3033954001bdb4bae2d7
- SHA256
  
  25dda94eef0d338cf7d8aad6ca8c476232977ffcce420b040c8dabd6ebb6372b
- SHA512
  
  d42f09c154fb1be12551ea60ad2711072b6318b02558623168b94a7fca619a4466104aed86f112b9596c6d2bac169f355d220a1182e14323f7b869286cf3244d
- SSDEEP
  
  96:A+4uay5129FeIUJuSZijOAVHow2pyxsYs:D4PA45DVHR
Score

1^/10
behavioral3 behavioral4
- Target
  
  mintUI.dll
- Size
  
  7KB
- MD5
  
  221f07f871d6fed6471344be3f9129c6
- SHA1
  
  bba15b1e71180ea0b7418021f4b342cd6296e63d
- SHA256
  
  2cbd1148b9caefcf5eac25bdb7695e6e42aaf0de108dc9fe600fc09d4b67c536
- SHA512
  
  d4d94808b1e2e2d1d07295bb99d98cc536d4d58b65a6dada59d09ad63c983ea0381171cc99b797926553f9a27515eb28eba863b2da473f52fc115dc72b3875a5
- SSDEEP
  
  96:S7TqqncTO1V5C1UfzM9O4wsxM+9zjcms1mD74O8sLSXRn2t5zNt:S7mqncy1V5CcYXwsf5jcmsUDMOJSMB
Score

1^/10
behavioral5 behavioral6
- Target
  
  mintUI.exe
- Size
  
  135KB
- MD5
  
  cb0e4661360da0f42150d0764bece8ca
- SHA1
  
  54cbbdba26e0d012c56d56e5d0ce2e2ac16e7aa4
- SHA256
  
  a91f5c498df6682fdc690b9322586617dfaf938ee811f7e53361a0e3206ba114
- SHA512
  
  97d1b141517bb2f0ee05a86ca1a19de34688e958b68922001d1d8293a85dc7b7474a4834ef647ccf85d8a427cb52cd67fd762c92da4eee7206616d7df8432e75
- SSDEEP
  
  3072:ajK4UGDHXrQ8hy7qgpHulWD9ZvZ5Pf3Ca10xuZ04ntfOQhBum:ajK4TDUqgpqWDLZ5H+xuZ047hA
Score

3^/10

discovery
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

System Time Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8