General
-
Target
f1890b623e96688e15c42de482ce3c943e9ba38f052294a93ed17c491600a1c7
-
Size
774KB
-
Sample
221028-zq3zzafeal
-
MD5
08816e83cdcdd14826b8e0d7f1818bf0
-
SHA1
f98879470bfc346771e4dd7589452b212de18518
-
SHA256
f1890b623e96688e15c42de482ce3c943e9ba38f052294a93ed17c491600a1c7
-
SHA512
62ed9436c9a70c1fb532f173be3326f5fecdc8930eae1efc3a90a7d96e0048459f811cdb30ac39bb33d65278099904c53b80475afe89c944b1e730663d588f56
-
SSDEEP
24576:Mg2ch6PqredMzoj5hxJCaxKnyTCluAo0m1WZ:rHCd1x99TKu4Z
Static task
static1
Behavioral task
behavioral1
Sample
f1890b623e96688e15c42de482ce3c943e9ba38f052294a93ed17c491600a1c7.dll
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
f1890b623e96688e15c42de482ce3c943e9ba38f052294a93ed17c491600a1c7.dll
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
f1890b623e96688e15c42de482ce3c943e9ba38f052294a93ed17c491600a1c7
-
Size
774KB
-
MD5
08816e83cdcdd14826b8e0d7f1818bf0
-
SHA1
f98879470bfc346771e4dd7589452b212de18518
-
SHA256
f1890b623e96688e15c42de482ce3c943e9ba38f052294a93ed17c491600a1c7
-
SHA512
62ed9436c9a70c1fb532f173be3326f5fecdc8930eae1efc3a90a7d96e0048459f811cdb30ac39bb33d65278099904c53b80475afe89c944b1e730663d588f56
-
SSDEEP
24576:Mg2ch6PqredMzoj5hxJCaxKnyTCluAo0m1WZ:rHCd1x99TKu4Z
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-