General

  • Target

    3eca40d5eacdaa98eb93bca343ac5d4b80d319631fa367bdecd2f25e1403bcad

  • Size

    3.7MB

  • Sample

    241109-xqlpksyrfz

  • MD5

    83c7fc8cd7865fba560fc66ee17a11bc

  • SHA1

    8f4ef0c984559546b010e220a177072791ed1891

  • SHA256

    3eca40d5eacdaa98eb93bca343ac5d4b80d319631fa367bdecd2f25e1403bcad

  • SHA512

    d3260c6a1ff3742312987963ba12d4994f9c0c5f32a1f75773bded553199d170dfb6a12332634715926700fc531d8df354b6086467430edb8c0e15bc4bd87cd3

  • SSDEEP

    98304:FmyK36Ej0aRjh282XRh9KeIHTYLmGzECkcqqnJNkw:wy900akXvJIzYmGzpqEJN5

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks