General
Target: 8096e1296e9cc0b913101fd79eddda037ae513c9973f07066270abf3fb3d0b58
Size: 919KB
Sample: 221129-hvnmeaaf2s
MD5: 460f7f13dcf4910c982fbd2faaf4b9f7
SHA1: 93f37b5851afa3be62abff689c275fd905e17779
SHA256: 8096e1296e9cc0b913101fd79eddda037ae513c9973f07066270abf3fb3d0b58
SHA512: 6d5aeaaf82faa5b0b4d11bc10e0fa65294876724f8d9629a2f619368c517449bfb7e725006b725d30134e9da5fa84f27888252b72a2a7555f62138a005e8735e
SSDEEP: 24576:A4rA2sfoujTvsJ0RxhK2fZ++GkNtRFEDw7fzU9BVzKTc:AqFaxhKowpkNtRFEUjgPVzoc
Behavioral task
behavioral1
Sample: 8096e1296e9cc0b913101fd79eddda037ae513c9973f07066270abf3fb3d0b58.exe
Resource: win7-20220812-en
Malware Config
Targets
Score: 8/10
Executes dropped EXE
Modifies Installed Components in the registry
Deletes itself
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger