General

  • Target: build.exe

  • Size: 18.1MB

  • Sample: 241031-zzkjzstfkm

  • MD5: 6ac2feb2ae6766b66e08421e8cba812a

  • SHA1: 9c7ab44ddc0f84469aed63258e9b3095c4828550

  • SHA256: c5ae21ff5436357d2c4453dea2edc0e8bb3b14087a606ee49054a970f0941ee7

  • SHA512: c45866b350c638604c72e5660142e298902115672995796de725a06c478f7a3335899f02452af4da9efabe2c41b3bb4b42c41f3fbbc1604b8d03caea0819fd15

  • SSDEEP: 393216:Wooac5H6JpRA/WnP065V0AEDDoZ2b373ymRGLqlkkCMUvW6l/4:WAc16q/Wnc60AMey7i+tSheZ

Score
9/10

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks