General

  • Target

    d5500bdc6e894accdc511781c1aa1ea5a118960d5cd3a1eb33effadeccecbc77

  • Size

    776KB

  • Sample

    221203-qmfktsdd77

  • MD5

    768261006ede6d96c6e83d3c30c11cb2

  • SHA1

    9bba0ae8732de04968a6f7b4fe4686ec0d140f8e

  • SHA256

    d5500bdc6e894accdc511781c1aa1ea5a118960d5cd3a1eb33effadeccecbc77

  • SHA512

    ddec49a4dc324ca1283731081800a05dd50536c463545cb03453d788f1e89757ed0a41bfd1a958b8277b17ed283e9b7eee3bd76e937d023477fc2b06a822cbb3

  • SSDEEP

    24576:WpVgRQf2LeZtURnLpcC19nvuccY0OQs8zYdwnZLb:WpkQuLnRNRnPUDn1

Score
9/10

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks