General
-
Target
bd0488bd8c388dd8f1055b7429a0b406d29a8d0f6c44e710c8887b48e1828b65
-
Size
727KB
-
Sample
221205-h8bj1acf2w
-
MD5
0e6e52ae9d922ec2377740e2d9d7f72e
-
SHA1
d5dca59868769dd61510af646e41aa830536096a
-
SHA256
bd0488bd8c388dd8f1055b7429a0b406d29a8d0f6c44e710c8887b48e1828b65
-
SHA512
1eb2805b0a7c4d5c7889026bd21523c562c4b50f24ff1f45fc41255cda8416ca2d67f4125e5a541034c0a8fd413ad82f9c2e27054ea3d657a7d9308f72ed0253
-
SSDEEP
12288:QoqZ0FV03nIjupZm3B21tiWWx0OSa5/4b8EO0y8YMoqxyuuOglaBVuMZ2Ze05k:UIjMEI1tiVSOl5/4gEYjqzIaBsM0
Static task
static1
Behavioral task
behavioral1
Sample
bd0488bd8c388dd8f1055b7429a0b406d29a8d0f6c44e710c8887b48e1828b65.dll
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
bd0488bd8c388dd8f1055b7429a0b406d29a8d0f6c44e710c8887b48e1828b65.dll
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
bd0488bd8c388dd8f1055b7429a0b406d29a8d0f6c44e710c8887b48e1828b65
-
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-