General
-
Target
unity hub test verison.exe
-
Size
106.7MB
-
Sample
240701-bthlfasblh
-
MD5
c25d7735f6c17adbb7f5ad2718807c39
-
SHA1
5839b3df416f7ba9ee59fc745c1e174ae659308a
-
SHA256
8091b6fb70d5687cb1aea31bbafb642e8dd31e7a0dacd73424d08499401e5ff4
-
SHA512
76bfe6fe50546c4fb163a2b25ed3532c26a377a5819f87937b0d7a0219cf5d3f86557162596008a5d77c6038231aa1b94512c88f02172601981dcab006b4698a
-
SSDEEP
3145728:qcT7paiS6xjKcBa6R2qHO5izBVnG0iWMstB2Ox0pT3:pVjSWNa6HHCittieBm
Behavioral task
behavioral1
Sample
unity hub test verison.exe
Resource
win11-20240611-en
Malware Config
Targets
-
-
Target
unity hub test verison.exe
-
Size
106.7MB
-
MD5
c25d7735f6c17adbb7f5ad2718807c39
-
SHA1
5839b3df416f7ba9ee59fc745c1e174ae659308a
-
SHA256
8091b6fb70d5687cb1aea31bbafb642e8dd31e7a0dacd73424d08499401e5ff4
-
SHA512
76bfe6fe50546c4fb163a2b25ed3532c26a377a5819f87937b0d7a0219cf5d3f86557162596008a5d77c6038231aa1b94512c88f02172601981dcab006b4698a
-
SSDEEP
3145728:qcT7paiS6xjKcBa6R2qHO5izBVnG0iWMstB2Ox0pT3:pVjSWNa6HHCittieBm
Score9/10-
Enumerates VirtualBox DLL files
-
Command and Scripting Interpreter: PowerShell
Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
MITRE ATT&CK Matrix ATT&CK v13
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Virtualization/Sandbox Evasion
1Hide Artifacts
2Hidden Files and Directories
2Modify Registry
1