General
-
Target
80f0a529ff18ea8cd08ff0540ef7ae25e677a33a5c8e769e3592d152963098fe
-
Size
1.5MB
-
Sample
221201-c4a5sabe3w
-
MD5
efe08805f4874f19a80db0571e6060a9
-
SHA1
b36ae5c2ed51abcba5a749290d1141664f036b28
-
SHA256
80f0a529ff18ea8cd08ff0540ef7ae25e677a33a5c8e769e3592d152963098fe
-
SHA512
3d74eacc14da39bc6fd95c4a52702a19994446d5c46caa971656a4b715a75f0ec607bd7389cf528f198da359e07049cbbba09d279b775ca90c71ad4bbe177e48
-
SSDEEP
24576:gRdQmPCAfVFJqnHBQ8csMB3lpaSU81WajtNHHlAimgus/l8ii2z21B4ZY:gRxPh14Q8csMhaSU0TJNH+jgusdvVZY
Malware Config
Targets
-
-
Target
80f0a529ff18ea8cd08ff0540ef7ae25e677a33a5c8e769e3592d152963098fe
-
Size
1.5MB
-
MD5
efe08805f4874f19a80db0571e6060a9
-
SHA1
b36ae5c2ed51abcba5a749290d1141664f036b28
-
SHA256
80f0a529ff18ea8cd08ff0540ef7ae25e677a33a5c8e769e3592d152963098fe
-
SHA512
3d74eacc14da39bc6fd95c4a52702a19994446d5c46caa971656a4b715a75f0ec607bd7389cf528f198da359e07049cbbba09d279b775ca90c71ad4bbe177e48
-
SSDEEP
24576:gRdQmPCAfVFJqnHBQ8csMB3lpaSU81WajtNHHlAimgus/l8ii2z21B4ZY:gRxPh14Q8csMhaSU0TJNH+jgusdvVZY
Score7/10-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Checks whether UAC is enabled
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-