General
Target: 8eaaca3f5861d92d5d7bc8d9b223aa66ca2028df574d9f5c7b24622f61b73ccc
Size: 680KB
Sample: 221129-spspaaec7z
MD5: 1a4e393b83e0b2e028234511a65bf1e2
SHA1: 542294847ff7cd498c059cb4dabbc97ba298c77e
SHA256: 8eaaca3f5861d92d5d7bc8d9b223aa66ca2028df574d9f5c7b24622f61b73ccc
SHA512: 3884b9759396718b4384163c619e0864f7ccc1c0cafe9979d15533d94efbf334ce4a1750a66f2123d0c1ba4632c1a77c03da4536a10c15e50ee759e7b4fcf70d
SSDEEP: 12288:eN+V7pFV/WfwMGW9ptkUWzqtf+6P8ycbro/rENe3YRJwj6QKqsHj5Z0fd+do:J9HuBr9ptkUWzqt/UoYAYAZKPHngdY
Behavioral task: behavioral1
Sample: 8eaaca3f5861d92d5d7bc8d9b223aa66ca2028df574d9f5c7b24622f61b73ccc.exe
Resource: win7-20220812-en
Malware Config
Targets
Target: 8eaaca3f5861d92d5d7bc8d9b223aa66ca2028df574d9f5c7b24622f61b73ccc
Score: 8/10
Executes dropped EXE
Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
Loads dropped DLL
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger