General
-
Target
a21878326e9df5eee4787cff250ae0af8bab15c61e44f454db5f0f50542fa714
-
Size
1.3MB
-
Sample
221126-vqj5msaf94
-
MD5
5ea2e1377f26539ad90d54e47aa28fbf
-
SHA1
5b5cf6803eb93c5d87981786c04186497ec412e7
-
SHA256
a21878326e9df5eee4787cff250ae0af8bab15c61e44f454db5f0f50542fa714
-
SHA512
d736b949edd6543c3dd34ba29f4c576e24a8b66938ee465845b6bba7619134b1b4324d3b3e661368fa3c29c0d9a9a64f6645acba7e792b25390ad803805cded0
-
SSDEEP
24576:p16QlQCkQU9BSrui3NkBLwCPartrtmbaXWLEIjWxV/Jdq2fv:p119NqieLwCPOt8WvJBf
Static task
static1
Behavioral task
behavioral1
Sample
a21878326e9df5eee4787cff250ae0af8bab15c61e44f454db5f0f50542fa714.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
a21878326e9df5eee4787cff250ae0af8bab15c61e44f454db5f0f50542fa714.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
a21878326e9df5eee4787cff250ae0af8bab15c61e44f454db5f0f50542fa714
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-