General
-
Target
01d2761b44311c583f9037ffe220f1fa243295b9c4d0bda45a2e383f03719739
-
Size
736KB
-
Sample
221129-nbpcgsdc47
-
MD5
c8e58e6f48d0712b036459b48bdd0020
-
SHA1
fb2cc3ff4623fd514a6f0ab708778b088b4410ff
-
SHA256
01d2761b44311c583f9037ffe220f1fa243295b9c4d0bda45a2e383f03719739
-
SHA512
d8a769869d29c8aeb57ffcebf593c97fd58e0b3fce9063082e5dc93ef43ceeb373e7ae9bb4492fb1e3d0e46e7f6009494ac49b5bfd0c369bda84f8d870e16b89
-
SSDEEP
12288:iwKrE+4HcKj7dITRcYpOSPWDbxNEFpJq4opFUv/yB+ptIlyKsmT/ufPoYStAGa8:9KHur6gDVNEFOm/3ptIofm8QTAG3
Malware Config
Targets
-
-
Target
01d2761b44311c583f9037ffe220f1fa243295b9c4d0bda45a2e383f03719739
-
Size
736KB
-
MD5
c8e58e6f48d0712b036459b48bdd0020
-
SHA1
fb2cc3ff4623fd514a6f0ab708778b088b4410ff
-
SHA256
01d2761b44311c583f9037ffe220f1fa243295b9c4d0bda45a2e383f03719739
-
SHA512
d8a769869d29c8aeb57ffcebf593c97fd58e0b3fce9063082e5dc93ef43ceeb373e7ae9bb4492fb1e3d0e46e7f6009494ac49b5bfd0c369bda84f8d870e16b89
-
SSDEEP
12288:iwKrE+4HcKj7dITRcYpOSPWDbxNEFpJq4opFUv/yB+ptIlyKsmT/ufPoYStAGa8:9KHur6gDVNEFOm/3ptIofm8QTAG3
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-