General
Target: ca85eafc097d01cc9f3d6e4871cdbbc1e2f3cb3b86d1899f99da2642934b57bc
Size: 2.2MB
Sample: 221124-n5jn4afc5x
MD5: 45cb74ad7ebd0637a4b609112c8f96f9
SHA1: ef8e449bcffb09a29793d055432158adf99ede19
SHA256: ca85eafc097d01cc9f3d6e4871cdbbc1e2f3cb3b86d1899f99da2642934b57bc
SHA512: 3b246c3fe90fdf60b8721bcee0739175dc4d85a6225102332499699b839d9c2c8421075963756e4d1270b0d85ba514ac5447f7ca2663d10d4ef61756b2f48705
SSDEEP: 49152:pwVOQu1H2GzN27U+wBZEki4BrRG8QEAUpq936T9EQeiaWJFtpraJF:pKoHGgBZu4fQEFk9+9ElWsF
Static task: static1
Behavioral task: behavioral1
  Sample: ca85eafc097d01cc9f3d6e4871cdbbc1e2f3cb3b86d1899f99da2642934b57bc.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: ca85eafc097d01cc9f3d6e4871cdbbc1e2f3cb3b86d1899f99da2642934b57bc.exe
  Resource: win10v2004-20220901-en
Malware Config
Targets
Target: ca85eafc097d01cc9f3d6e4871cdbbc1e2f3cb3b86d1899f99da2642934b57bc (2.2MB; hashes as listed under General)
Score: 9/10
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.