General
-
Target
dd15a1cd937d4bf4562d91529d3af1ab717f71e75eec3546cfca8e1c10c8b3c3
-
Size
704KB
-
Sample
220714-j1egcsgge6
-
MD5
46fc7f8fe6baa4ad25bac4facbde8c8e
-
SHA1
38d7b64b07bad3afe68190329a243d89e41ae8db
-
SHA256
dd15a1cd937d4bf4562d91529d3af1ab717f71e75eec3546cfca8e1c10c8b3c3
-
SHA512
7c28b57ffaafc2a3b82282c236627ca4210d820ccd3df694047d0e3e3f1976b332a926a1ae459f9486109cdf75ee0f26e375700dcdebecf4156b97577fda0396
Static task
static1
Behavioral task
behavioral1
Sample
dd15a1cd937d4bf4562d91529d3af1ab717f71e75eec3546cfca8e1c10c8b3c3.exe
Resource
win7-20220414-en
Malware Config
Targets
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-