General
-
Target
74ede59e4cfc7c330f8a48dd3c775fe3
-
Size
3.3MB
-
Sample
240125-tjd5daace2
-
MD5
74ede59e4cfc7c330f8a48dd3c775fe3
-
SHA1
ba99acdbf190aa7e39aa6074384439de0336d629
-
SHA256
448e58ff51c6c611f5bc5785ca105f91783e1377d0ece9e9c7f9ea5e600a48da
-
SHA512
f4ee80e8679a48e60f5dd3fd623f202b036b3e1c9fe4e0da6ad3bf71adb9b5bbc061c7ba88dfce342915bd2f5af17583a625e353a2ddcb608590a217bb84950e
-
SSDEEP
98304:HILlpufGXeNgKbVm4YO54XeoHv7/MiRek0Xa:HILMGXeNNVJYOg1RB
Static task
static1
Behavioral task
behavioral1
Sample
74ede59e4cfc7c330f8a48dd3c775fe3.exe
Resource
win7-20231215-en
Malware Config
Targets
-
-
Target
74ede59e4cfc7c330f8a48dd3c775fe3
-
Size
3.3MB
-
MD5
74ede59e4cfc7c330f8a48dd3c775fe3
-
SHA1
ba99acdbf190aa7e39aa6074384439de0336d629
-
SHA256
448e58ff51c6c611f5bc5785ca105f91783e1377d0ece9e9c7f9ea5e600a48da
-
SHA512
f4ee80e8679a48e60f5dd3fd623f202b036b3e1c9fe4e0da6ad3bf71adb9b5bbc061c7ba88dfce342915bd2f5af17583a625e353a2ddcb608590a217bb84950e
-
SSDEEP
98304:HILlpufGXeNgKbVm4YO54XeoHv7/MiRek0Xa:HILMGXeNNVJYOg1RB
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-