General
Target: 74f42b1bc557572f11e9a450c0a0a232
Size: 3.6MB
Sample: 240125-tswe1sbdbm
MD5: 74f42b1bc557572f11e9a450c0a0a232
SHA1: 33190f5cd1b03c6439b6bc8289b054c85ffdc0ef
SHA256: aa8764c82ac6963672dfd4f3c25bf248108f435eb5d464ad2902000546a765be
SHA512: 99eea1b9bcb448131f8d17bb67a4967583adc4fbfc8c532fd688ad29d3798094472996e117f1aeba3090c11da41a3ddf43513c4da38c15b573c3cbe6a7f75f16
SSDEEP: 98304:gt03hK/8jmL4pXPIPc1WY6I+e1nutwE/5Ql21T6:1K/0mMlHZ+e1b/U6
Static task: static1
Behavioral task: behavioral1
Sample: 74f42b1bc557572f11e9a450c0a0a232.exe
Resource: win7-20231215-en
Malware Config
Targets
Target: 74f42b1bc557572f11e9a450c0a0a232
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Drops startup file
- Executes dropped EXE
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger