General
Target: 6ae8b0dc915879185972372cf15b492431365be9bedbab31395fca709d33ec08
Size: 803KB
Sample: 221201-ej9hysfh3z
MD5: 079e445dd98724a469d693ebdb37bc8c
SHA1: 381114eb0ec6b1cff74cfaf33fb0ecd08f4fa44d
SHA256: 6ae8b0dc915879185972372cf15b492431365be9bedbab31395fca709d33ec08
SHA512: 0fc936f670f3b930dcb52263308baa2c1e77ff25d671b0ab5c8cb684d7cec1b0a744973daada20ae612e10c2d1fa31e29329c29aca59ba579fd6266db8637a15
SSDEEP: 24576:gNTjluBFL47h+leHR1xNz7c56UQWIq98WtJegm0:gNTjYz/lWRj2R9DtJes
Static task: static1
Behavioral task: behavioral1
Sample: 6ae8b0dc915879185972372cf15b492431365be9bedbab31395fca709d33ec08.dll
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 6ae8b0dc915879185972372cf15b492431365be9bedbab31395fca709d33ec08.dll
Resource: win10v2004-20220901-en
Malware Config
Targets
Target: 6ae8b0dc915879185972372cf15b492431365be9bedbab31395fca709d33ec08
Score: 9/10
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger