General
-
Target
576d0770b96b794ef17087131b37d0d4583de1f8432437c379671fbcfbf1c56d
-
Size
792KB
-
Sample
220724-2jxkqabcgn
-
MD5
6cf131e099eed4df9e53247836686c8f
-
SHA1
a3c43b80fb849a5bbf73ae3728011aa6163184a4
-
SHA256
576d0770b96b794ef17087131b37d0d4583de1f8432437c379671fbcfbf1c56d
-
SHA512
cab46bde4aece1318a6dc73dae38a3bfe23c45733a487206b7e9d61a5bac82b370a8013ea0926147597a91d0447b98913d8710abc43089dc5a7ddcfc0914a064
Behavioral task
behavioral1
Sample
576d0770b96b794ef17087131b37d0d4583de1f8432437c379671fbcfbf1c56d.exe
Resource
win7-20220715-en
Malware Config
Targets
-
Target
576d0770b96b794ef17087131b37d0d4583de1f8432437c379671fbcfbf1c56d
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-