General

  • Target

    d377e8a0f4ff6b7fb19e67692c8905ad409c61a3c2b50a17a5290108ce57e4d6

  • Size

    5.1MB

  • Sample

    221202-vqaafagb78

  • MD5

    811f4faf0423cb1f853185cede912b1a

  • SHA1

    250ba9119da15253f2288ef008545574bde48150

  • SHA256

    d377e8a0f4ff6b7fb19e67692c8905ad409c61a3c2b50a17a5290108ce57e4d6

  • SHA512

    87cfe208120c53a15cfa2617821b1013323392158f94a9f7b1b457ae023efbfbd0f78331daff50066f25aac631b8feaabb091ed273623e51e81bd564e2fbe075

  • SSDEEP

    98304:dQaElYj1yRAkBgWsopC8X95avLlrWvGYSQqhn07/Fa6eq+pKktjpqDqLAHd0g2dp:OFghPAEhYhydQ8KW65y16bfGVxNnoU9q

Score
9/10

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, and it can be used as a sandboxing environment.

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks