General
-
Target
559e6c0064d815a559c55c8e788a2a18d964958613cefc2ae90b4df28435397c
-
Size
2.2MB
-
Sample
220708-f4kk1adcb5
-
MD5
418a031eff24f3356a6ad3027b0b9993
-
SHA1
5677d050ff4b22bc4f8e3c35b4599038b34fc12e
-
SHA256
559e6c0064d815a559c55c8e788a2a18d964958613cefc2ae90b4df28435397c
-
SHA512
67ec0e7a1e54458ea909802dd84febd61189ef53f388b11fd9d99db604bf9acd3cf5b2859de4d8ab5ffcdc5a55395fa3a9f0121846b0ba569d9d0d3459952826
Static task
static1
Behavioral task
behavioral1
Sample
559e6c0064d815a559c55c8e788a2a18d964958613cefc2ae90b4df28435397c.exe
Resource
win7-20220414-en
Malware Config
Targets
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-