General
-
Target
0f26fd036fc742ceec5f00361d94e54fc620b0045c4ab9249cc90e4260950f8b
-
Size
1.2MB
-
Sample
221127-w361lsdc3t
-
MD5
b61a9989625a4acad24481135e1a14eb
-
SHA1
49bb46a48f17ef00e9222332b2f76ae10df26244
-
SHA256
0f26fd036fc742ceec5f00361d94e54fc620b0045c4ab9249cc90e4260950f8b
-
SHA512
cd6ea896b993c2a1995013871f1a8795b7a16deb45cc3cf6fb2cee9c570940da31c27cd5a09040df164d3014b93255492b91383db38032ca0cfa7ff2861e3575
-
SSDEEP
24576:4+8UOG8ZGc2ObF7k0fbosVe6tnUR1LumVVoPl:46HMGZC1URRZVVoPl
Behavioral task
behavioral1
Sample
0f26fd036fc742ceec5f00361d94e54fc620b0045c4ab9249cc90e4260950f8b.exe
Resource
win7-20220812-en
Malware Config
Targets
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-