General
-
Target
e4040508c47e91091783246687545cd843bc840c4fbdb7cea0bf02f6f9d98ea8
-
Size
2.4MB
-
Sample
221206-rc5bwagg9z
-
MD5
d76b03b95b956a305ce2f93023197208
-
SHA1
cb7f28370df656172d5fc474a0a658c76b69891f
-
SHA256
e4040508c47e91091783246687545cd843bc840c4fbdb7cea0bf02f6f9d98ea8
-
SHA512
1514af9be0e8533f25cf47ac176867530cc62568b74fb8fbe8eaf50fb5c649684edcd2140b133b9f93f85824b0ec13ff06dd32045f9597310b905ab14020137d
-
SSDEEP
49152:ywFSeciBKrdBrGQ/1bYgMdtzAHwldV7T9s362PEUtoBttvLMnGkHza0ec+:ywqiBKiwOgMd+IV7Tq362PEzttcJf+
Static task
static1
Behavioral task
behavioral1
Sample
e4040508c47e91091783246687545cd843bc840c4fbdb7cea0bf02f6f9d98ea8.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
e4040508c47e91091783246687545cd843bc840c4fbdb7cea0bf02f6f9d98ea8.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
e4040508c47e91091783246687545cd843bc840c4fbdb7cea0bf02f6f9d98ea8
Score
8/10
-
Executes dropped EXE
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger