General
Target: 1977efd0e8fffb1079e0cf05eb8adb9f7801f874c276945a692e073f03ae0de3
Size: 1.6MB
Sample: 221128-nstcrsah72
MD5: 1a4d79fe50eb94248440018bec1bf719
SHA1: 3232c37fd23cfb74138a2bed42c38e80431b23a8
SHA256: 1977efd0e8fffb1079e0cf05eb8adb9f7801f874c276945a692e073f03ae0de3
SHA512: 2018310ee887ed096e77a751c5f472f51614cc37a7c2324c4adfdbef3c0c34bc3335d64d34d09caf70f47b8b5f9b9eb44abf8a191348aa684cae2621e33686d1
SSDEEP: 49152:Yilb849Reaeu/yiSoTwT/cHb5fuevO8OnrFACfGvBO:Yilb84+ujSoTwTUt05fGvo
Behavioral task: behavioral1
Sample: 1977efd0e8fffb1079e0cf05eb8adb9f7801f874c276945a692e073f03ae0de3.exe
Resource: win7-20220812-en
Malware Config
Targets
Score 10/10
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger