General
-
Target
c94a9791aee317b9bf661bdec3a260f792dfd6e21c81f7b312cd2461e078769a
-
Size
2.0MB
-
Sample
220524-weq99afhgj
-
MD5
d567b5d48d8369cd09995c38d52b2452
-
SHA1
40cc824e7ea37f0eb1e086e9dc86349bb4323b71
-
SHA256
c94a9791aee317b9bf661bdec3a260f792dfd6e21c81f7b312cd2461e078769a
-
SHA512
dc73f317f8824e822cef7024fe4374d818372af1d15e03dc0e8cd5539a0398523dab8783fc6bb05e50e688b71dcbc96bb8cbbdbba2f2964e8bd60c9bf83fa938
Malware Config
Targets
-
-
Target
c94a9791aee317b9bf661bdec3a260f792dfd6e21c81f7b312cd2461e078769a
-
Size
2.0MB
-
MD5
d567b5d48d8369cd09995c38d52b2452
-
SHA1
40cc824e7ea37f0eb1e086e9dc86349bb4323b71
-
SHA256
c94a9791aee317b9bf661bdec3a260f792dfd6e21c81f7b312cd2461e078769a
-
SHA512
dc73f317f8824e822cef7024fe4374d818372af1d15e03dc0e8cd5539a0398523dab8783fc6bb05e50e688b71dcbc96bb8cbbdbba2f2964e8bd60c9bf83fa938
Score7/10-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Checks whether UAC is enabled
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-