General

  • Target

    6ae8b0dc915879185972372cf15b492431365be9bedbab31395fca709d33ec08

  • Size

    803KB

  • Sample

    221201-ej9hysfh3z

  • MD5

    079e445dd98724a469d693ebdb37bc8c

  • SHA1

    381114eb0ec6b1cff74cfaf33fb0ecd08f4fa44d

  • SHA256

    6ae8b0dc915879185972372cf15b492431365be9bedbab31395fca709d33ec08

  • SHA512

    0fc936f670f3b930dcb52263308baa2c1e77ff25d671b0ab5c8cb684d7cec1b0a744973daada20ae612e10c2d1fa31e29329c29aca59ba579fd6266db8637a15

  • SSDEEP

    24576:gNTjluBFL47h+leHR1xNz7c56UQWIq98WtJegm0:gNTjYz/lWRj2R9DtJes

Score
9/10

Malware Config

Targets

    • Target

      6ae8b0dc915879185972372cf15b492431365be9bedbab31395fca709d33ec08

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks