General
-
Target
WaveTrial.zip
-
Size
192.5MB
-
Sample
240409-c2k7zabh68
-
MD5
5efdd951e8daa21e05ba9247fe88fece
-
SHA1
0a77942e3fdc68de38cdab027b26b97df80d5cd3
-
SHA256
06878ecd45a53d1d4882153d4310c3b485dd57497a6c39426f174c8974586f5b
-
SHA512
9d591eb2843ef805004826434e156fc45f2f1fda30ca0e56b0387a269272907df73983ac0a4c78c4965ac27e9849542c42b8bb7e7a8a46c0b2daa57aaa7849b1
-
SSDEEP
3145728:ir+j11jo5vSXno3Kdr0HeMVnCcDqOKLft+7f13LiDennNVp0jDW6QeKv/063gaY:iiboadruVCdO913OCp0cFXt3U
Behavioral task
behavioral1
Sample
WaveTrial/WaveTrial/Injector.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral2
Sample
WaveTrial/WaveTrial/Wave.exe
Resource
win10v2004-20240319-en
Malware Config
Targets
-
-
Target
WaveTrial/WaveTrial/Injector.exe
-
Size
3.4MB
-
MD5
c6b39ee166d5b0a2c8a9021ccd1593ae
-
SHA1
e480e7c282f64e8b0179c82afe154dd59d14217d
-
SHA256
443b665c5f545a2bdd7855f86bf70a5ee7f35eda1b6b08615161f5809cbda02b
-
SHA512
3864aea36c522ca5658412128e6a4c862a647cf3b1054b9adbe418488590a37600d7639c3eba94ca9de76f087b244b95644c667213b1122889cf2d9b7a4652d2
-
SSDEEP
49152:Kl0nJ28J4VZohYWVGGjW8NhSU7zwo8oXJ2R3KPHsI7coj2J+eNgRpqNc1a:KmnJrJ4DohYWVTJNkIZZ2R6vsmA+FDqN
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
WaveTrial/WaveTrial/Wave.exe
-
Size
7.0MB
-
MD5
a8bd4a6b2f1d00928e61870a5688c13d
-
SHA1
e17646d5279534f2e3eb0e0cfc8b6c536bc0c095
-
SHA256
2c51f67e236cf95e2d51df4178699da09869ab077924cff0b3df1c512878ef2f
-
SHA512
6b5175beea4071668c87b16af3177bbb2cbaff6b28909dc1e09ad5b16b449c62d6adc372a0094de627fe9835f0c474d16708c3f698355ba1664bf321fa19f5fb
-
SSDEEP
98304:37//YITF8r2n8TevxbFKVlXk34tZ+t4+aNG5Lhd+2G4Op0cN+hmdYkvsFLL:37//1xBVqvG5dQ2m0cN+hmdYkvsFLL
Score
1/10