General
Target: d5500bdc6e894accdc511781c1aa1ea5a118960d5cd3a1eb33effadeccecbc77
Size: 776KB
Sample: 221203-qmfktsdd77
MD5: 768261006ede6d96c6e83d3c30c11cb2
SHA1: 9bba0ae8732de04968a6f7b4fe4686ec0d140f8e
SHA256: d5500bdc6e894accdc511781c1aa1ea5a118960d5cd3a1eb33effadeccecbc77
SHA512: ddec49a4dc324ca1283731081800a05dd50536c463545cb03453d788f1e89757ed0a41bfd1a958b8277b17ed283e9b7eee3bd76e937d023477fc2b06a822cbb3
SSDEEP: 24576:WpVgRQf2LeZtURnLpcC19nvuccY0OQs8zYdwnZLb:WpkQuLnRNRnPUDn1
Static task: static1
Behavioral task: behavioral1
Sample: d5500bdc6e894accdc511781c1aa1ea5a118960d5cd3a1eb33effadeccecbc77.dll
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: d5500bdc6e894accdc511781c1aa1ea5a118960d5cd3a1eb33effadeccecbc77.dll
Resource: win10v2004-20220812-en
Malware Config
Targets
Score: 9/10

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Suspicious use of NtSetInformationThreadHideFromDebugger