General

  • Target

    bebfc3aa75ddde300abc34de4ea324c53f2e6a642d9c37147e9b7c6b4280a04a

  • Size

    7.8MB

  • Sample

    241031-m3h44sxanh

  • MD5

    a755fa0fa0bb46003c9da193a55b6727

  • SHA1

    dae85ace49ae57c6249b35a613f549d6285407f1

  • SHA256

    bebfc3aa75ddde300abc34de4ea324c53f2e6a642d9c37147e9b7c6b4280a04a

  • SHA512

    846b8a8688b0c3c2daaacc61d593ef8bbe370a0e9d8ca421dd045449724a50ed9b72ecef9faf2057542c32e9b12beb7ed1e0d9c94ef17e2c784d9bfc8456d671

  • SSDEEP

    98304:AhZs1ZPi3VJsLczq7wKmQCc6OXBvoMEcwMZY8HJsYfPKZJZ1SaWV4r4kteepz52L:4Zs1ZPIJ4iDUT5ZfSYfirZkY/MCgfk56

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks