General

  • Target

    vapirum409.dll

  • Size

    314KB

  • Sample

    200630-nqczvs9nwx

  • MD5

    1dbbce7b3bf66574b877d33326c17f02

  • SHA1

    32376d51c297c0d3fec7c98d5b1bcfb2a5917468

  • SHA256

    72d14b5dbeb6122616375a565b069cb2ef855fc5f581eddc6851d9bda1ed0974

  • SHA512

    8f93a39a5d81c6a611caf08a725e39467a7b4bbda27799ca3e8f0bf5ccb2d330a3116f0470a948302152519dea306a68af5ffdebb00cecd72250428cb6264565

Malware Config

Targets

    • Target

      vapirum409.dll

    • Blacklisted process makes network request

    • Checks for installed software on the system

    • Checks whether UAC is enabled

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 1

Tasks