General

  • Target

    bd0488bd8c388dd8f1055b7429a0b406d29a8d0f6c44e710c8887b48e1828b65

  • Size

    727KB

  • Sample

    221205-h8bj1acf2w

  • MD5

    0e6e52ae9d922ec2377740e2d9d7f72e

  • SHA1

    d5dca59868769dd61510af646e41aa830536096a

  • SHA256

    bd0488bd8c388dd8f1055b7429a0b406d29a8d0f6c44e710c8887b48e1828b65

  • SHA512

    1eb2805b0a7c4d5c7889026bd21523c562c4b50f24ff1f45fc41255cda8416ca2d67f4125e5a541034c0a8fd413ad82f9c2e27054ea3d657a7d9308f72ed0253

  • SSDEEP

    12288:QoqZ0FV03nIjupZm3B21tiWWx0OSa5/4b8EO0y8YMoqxyuuOglaBVuMZ2Ze05k:UIjMEI1tiVSOl5/4gEYjqzIaBsM0

Score
9/10

Targets

    Score
    9/10

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      VirtualBox guests carry ACPI tables whose OEM ID appears as VBOX__ in the registry, under HKLM\HARDWARE\ACPI\DSDT, \FADT and \RSDT. A process that opens those keys is checking whether it runs inside VirtualBox, typically so that it can stay dormant in an analysis VM.

    • Identifies Wine through registry keys

      Wine is a compatibility layer that runs Windows applications on other operating systems and is sometimes used as a lightweight sandboxing environment. It creates HKCU\Software\Wine, a key that does not exist on a real Windows install, so probing for it lets the sample detect the emulated environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      This is NtSetInformationThread called with the ThreadHideFromDebugger information class (0x11). Once set, the kernel stops delivering debug events for that thread, so an attached debugger is silently cut off; legitimate software rarely does this, which makes the call a strong anti-debugging indicator.
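
    The three behaviours above are what an analyst wants to spot automatically in an API trace rather than by reading it. The following is an added example, not part of this report or of the sample: a Python matcher that runs over constructed trace events (a hypothetical shape, not Triage's real export format) and flags the VirtualBox ACPI probe, the Wine registry probe and the ThreadHideFromDebugger call. The event layout, the set of registry API names and the signature names are assumptions made for the example.

```python
import re
from typing import Any, Dict, List

# ThreadHideFromDebugger is THREADINFOCLASS value 0x11; once set, the kernel
# stops sending debug events (breakpoints, single-step, exceptions) for that
# thread to an attached debugger.
THREAD_HIDE_FROM_DEBUGGER = 0x11

# Registry APIs a sample typically uses to probe for VM/sandbox artefacts
# (assumed set for this example).
REG_APIS = {"RegOpenKeyExA", "RegOpenKeyExW", "RegQueryValueExA",
            "RegQueryValueExW", "NtOpenKey", "NtQueryValueKey"}

# VirtualBox guests expose ACPI tables whose OEM ID shows up as VBOX__ under
# HKLM\HARDWARE\ACPI\{DSDT,FADT,RSDT}.
VBOX_ACPI_KEY = re.compile(
    r"^HK(?:LM|EY_LOCAL_MACHINE)\\HARDWARE\\ACPI\\(?:DSDT|FADT|RSDT)\\VBOX__", re.I)

# Wine creates HKCU\Software\Wine (some builds also HKLM\Software\Wine);
# a real Windows install has neither.
WINE_KEY = re.compile(
    r"^HK(?:CU|EY_CURRENT_USER|LM|EY_LOCAL_MACHINE)\\Software\\(?:Wow6432Node\\)?Wine(?:\\|$)", re.I)

# Constructed API-trace events in a hypothetical shape (not Triage's real
# export format): one dict per monitored call made by the analysed process.
SAMPLE_TRACE: List[Dict[str, Any]] = [
    {"api": "RegOpenKeyExW", "args": {"key": r"HKLM\HARDWARE\ACPI\DSDT\VBOX__"}, "ret": 2},
    {"api": "RegOpenKeyExW", "args": {"key": r"HKLM\HARDWARE\ACPI\FADT\VBOX__"}, "ret": 2},
    {"api": "RegOpenKeyExW", "args": {"key": r"HKCU\Software\Wine"}, "ret": 2},
    {"api": "RegOpenKeyExW", "args": {"key": r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion"}, "ret": 0},
    # current thread (pseudo-handle -2), class 0x11 = ThreadHideFromDebugger
    {"api": "NtSetInformationThread", "args": {"ThreadHandle": -2, "ThreadInformationClass": 0x11, "ThreadInformationLength": 0}, "ret": 0},
    # class 4 = ThreadAffinityMask: benign, must not trigger the anti-debug rule
    {"api": "NtSetInformationThread", "args": {"ThreadHandle": -2, "ThreadInformationClass": 0x04, "ThreadInformationLength": 8}, "ret": 0},
]


def match_signatures(trace):
    """Return {signature_name: [matching events]} for the three evasion
    behaviours; signatures with no hits are omitted."""
    hits = {
        "anti_vm_virtualbox_acpi": [],
        "anti_sandbox_wine_registry": [],
        "anti_debug_hide_from_debugger": [],
    }
    for ev in trace:
        api = ev.get("api")
        args = ev.get("args", {})
        if api in REG_APIS:
            key = args.get("key", "")
            # The probe itself is the indicator. ret == 2 (ERROR_FILE_NOT_FOUND)
            # only says the host is not VirtualBox/Wine; the intent is the same.
            if VBOX_ACPI_KEY.search(key):
                hits["anti_vm_virtualbox_acpi"].append(ev)
            elif WINE_KEY.search(key):
                hits["anti_sandbox_wine_registry"].append(ev)
        elif (api == "NtSetInformationThread"
              and args.get("ThreadInformationClass") == THREAD_HIDE_FROM_DEBUGGER):
            hits["anti_debug_hide_from_debugger"].append(ev)
    return {name: evs for name, evs in hits.items() if evs}


def evasion_summary(trace):
    """Collapse hits into the one-line tags a report would show."""
    tags = {
        "anti_vm_virtualbox_acpi": "Identifies VirtualBox via ACPI registry values (likely anti-VM)",
        "anti_sandbox_wine_registry": "Identifies Wine through registry keys",
        "anti_debug_hide_from_debugger": "Suspicious use of NtSetInformationThread (ThreadHideFromDebugger)",
    }
    found = match_signatures(trace)
    return [text for name, text in tags.items() if name in found]


if __name__ == "__main__":
    for name, evs in match_signatures(SAMPLE_TRACE).items():
        print(f"{name}: {len(evs)} event(s)")
    for line in evasion_summary(SAMPLE_TRACE):
        print(" -", line)
```

    The registry rules deliberately ignore the call's return value: on a non-VirtualBox, non-Wine host the lookups fail with ERROR_FILE_NOT_FOUND, but the fact that the sample asked the question is the evasion indicator. The anti-debug rule keys on the information class alone, since ThreadHideFromDebugger takes no buffer and only the class distinguishes it from routine NtSetInformationThread use.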

MITRE ATT&CK Enterprise v6

Tasks