General

  • Target

    PlasmaPerm.exe

  • Size

    2.0MB

  • Sample

    241109-gy7zsaskcp

  • MD5

    53f60234d2f23b0a56a4c4d01c235281

  • SHA1

    edcf730e5a6e9d251135217cab566fee8b2089ad

  • SHA256

    157022d90bfb8809c6f371c36d54fb90650dda68241f85890983e2a0c0021dc7

  • SHA512

    465290c68b38991ba454c2149704330557496cd63951ca80b6520dfe9c8121a8a99e8ead8125fbc7462f514ee4994fcd2c70d57c30e87be106a5d71f98105461

  • SSDEEP

    49152:LyFS0D21lmt9V7dmKZ+I/AjVMm5MVHWlC0g/2sv:o5sl89V7D+I/aMm5MmC0gusv

Score
9/10

Targets

    • Target

      PlasmaPerm.exe

    • Looks for VirtualBox Guest Additions in registry

    • Looks for VMWare Tools registry key

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
