General
-
Target
793caa54c340a7e1bae20a67c31e5e4de8eccb7b2d52dd40817b3ddc20f47092
-
Size
3.0MB
-
Sample
221126-r414jabe45
-
MD5
72109cd08d1f895968f827312e33f32d
-
SHA1
25c131eb7a31591933043a682492661a530f309c
-
SHA256
793caa54c340a7e1bae20a67c31e5e4de8eccb7b2d52dd40817b3ddc20f47092
-
SHA512
277563d1033d19a5a310fc09fbc47e6c623ac18779369cf451f573a9fe9e2397d73c38e7e875b6e28a6fe9d1e7b04c248276df640ad95e41443738164d85ebba
-
SSDEEP
49152:Nf4SFwur3lKsF8FcKqEfBcJOuR+Je49JHjQ04xmC304DA2Pc6duvjFIz:P3lFOcKqEfMO0Qr9JDH4xmCk4DW6duv+
Behavioral task
behavioral1
Sample
793caa54c340a7e1bae20a67c31e5e4de8eccb7b2d52dd40817b3ddc20f47092.exe
Resource
win7-20220901-en
Malware Config
Targets
-
-
Target
793caa54c340a7e1bae20a67c31e5e4de8eccb7b2d52dd40817b3ddc20f47092
-
Size
3.0MB
-
MD5
72109cd08d1f895968f827312e33f32d
-
SHA1
25c131eb7a31591933043a682492661a530f309c
-
SHA256
793caa54c340a7e1bae20a67c31e5e4de8eccb7b2d52dd40817b3ddc20f47092
-
SHA512
277563d1033d19a5a310fc09fbc47e6c623ac18779369cf451f573a9fe9e2397d73c38e7e875b6e28a6fe9d1e7b04c248276df640ad95e41443738164d85ebba
-
SSDEEP
49152:Nf4SFwur3lKsF8FcKqEfBcJOuR+Je49JHjQ04xmC304DA2Pc6duvjFIz:P3lFOcKqEfMO0Qr9JDH4xmCk4DW6duv+
Score10/10-
Drops file in Drivers directory
-
Sets service image path in registry
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-