General
Target: 39d81449ee8e4e0932370e423b61ebde268c8cdf7b8b5c1a859ecf24c12b49ed
Size: 1.1MB
Sample: 220625-jvs3kacbgl
MD5: e9abcab523f9b60e654fa590ecf00948
SHA1: bd4407af6b436484b279b576e22bdc370941b546
SHA256: 39d81449ee8e4e0932370e423b61ebde268c8cdf7b8b5c1a859ecf24c12b49ed
SHA512: 9a92a021adf3b05db1182437de998f1c32c48db128203970963353309162bbf1be32d6e629d12e1331f534f7af08b45fa41bdc71cc4325cfaf8403ca07e0f69c
Static task: static1
Behavioral task: behavioral1
Sample: 39d81449ee8e4e0932370e423b61ebde268c8cdf7b8b5c1a859ecf24c12b49ed.exe
Resource: win7-20220414-en
Malware Config
Targets
Target: 39d81449ee8e4e0932370e423b61ebde268c8cdf7b8b5c1a859ecf24c12b49ed
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Drops file in System32 directory

Suspicious use of NtSetInformationThreadHideFromDebugger