General
Target: 62c7af6c2c2fc6171305fd61a6c82fa7d9f457de152aa2563dea3237a1dddd88
Size: 2.0MB
Sample: 221125-pmv5vabe71
MD5: 449b42716470358f6de271333e511ae0
SHA1: 847989be4c302ccbbf780d52ab9a941a911ef574
SHA256: 62c7af6c2c2fc6171305fd61a6c82fa7d9f457de152aa2563dea3237a1dddd88
SHA512: 78adf6e1439e87e60f574e631b5ff98991846403517c9bd7ade39b0f5df9fe92e73dfff17eb15fb59c496ccc50fc2d429550f306ad25c016fea807d6837a767a
SSDEEP: 49152:CNtmdVbaUg3gVA5WbBJRQr6yK9NqzVOtmmmpfZJFuUR:KYP2UsaRjwWN/mrfnQUR
Static task: static1
Behavioral task: behavioral1
  Sample: 62c7af6c2c2fc6171305fd61a6c82fa7d9f457de152aa2563dea3237a1dddd88.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 62c7af6c2c2fc6171305fd61a6c82fa7d9f457de152aa2563dea3237a1dddd88.exe
  Resource: win10v2004-20221111-en
Malware Config
Targets
Target: 62c7af6c2c2fc6171305fd61a6c82fa7d9f457de152aa2563dea3237a1dddd88
Score: 9/10
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger