General
Target: dd83ffe71b9b88ee667f0de89ee47d7fda7d5e26ddf1a0e021b9cafb9ae472dc
Size: 1.9MB
Sample: 221125-pwtclsha63
MD5: f26076d7ac1fef70ea6667a5cf62d7af
SHA1: 6764620fd2c48b70734b0114d7d638489c6c9e13
SHA256: dd83ffe71b9b88ee667f0de89ee47d7fda7d5e26ddf1a0e021b9cafb9ae472dc
SHA512: 094b3545837ad3b0d7342362dafe5dea15b354081cd96c7ab893c3b0254489f0fb22cbdbdf05f10430067768f5b3b6fafa76b2e14cdec9d7c6ec31bf3fb90fc0
SSDEEP: 49152:+maHknTlV73iP54hnX6yVXebpMZoeOneWcsHwi:wY3PhX66ub1VhHb
Static task: static1

Behavioral task: behavioral1
Sample: dd83ffe71b9b88ee667f0de89ee47d7fda7d5e26ddf1a0e021b9cafb9ae472dc.dll
Resource: win7-20220901-en

Behavioral task: behavioral2
Sample: dd83ffe71b9b88ee667f0de89ee47d7fda7d5e26ddf1a0e021b9cafb9ae472dc.dll
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: dd83ffe71b9b88ee667f0de89ee47d7fda7d5e26ddf1a0e021b9cafb9ae472dc
Score: 9/10
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Suspicious use of NtSetInformationThreadHideFromDebugger