General
-
Target
source_prepared.exe
-
Size
80.6MB
-
Sample
240702-exq9jayhmj
-
MD5
e572be422b3e82b7a4a0c5dcd6315806
-
SHA1
647d882948547fd798998dc7b9161862ed981a72
-
SHA256
7d622c4ecda1ecb2b12327a77ee9b217232dfff64358b37ade8d2c317ab871db
-
SHA512
524b975791d76c409ae7255f6a0528ade14421b15a199043d594d8a15536cde3a846343c0effc46154d9eaf1707ca064b9373349fce7cc1c6b004666d9b89792
-
SSDEEP
1572864:VvxZQglX2/wQSk8IpG7V+VPhqb+TnE7Ulg8iYgj+h58sMw5IlW59FugwcJBx:VvxZxR8SkB05awb+Tfe25FSI9FRNx
Behavioral task
behavioral1
Sample
source_prepared.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
source_prepared.exe
-
Score
9/10
-
Enumerates VirtualBox DLL files
-
Command and Scripting Interpreter: PowerShell
Run PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Virtualization/Sandbox Evasion: 1
Hide Artifacts: 2
Hidden Files and Directories: 2
Modify Registry: 1