General
Target: 1db1abe048a6eb6ea5e95be75702110cd30008abe060bf173b1138efa1cf4182
Size: 2.2MB
Sample: 240414-nzlw9sbc5t
MD5: 452980e09a3ff395d06df0cdec8ad94c
SHA1: d774efedd2c17d12f6da63b270843edfeab43b9f
SHA256: 1db1abe048a6eb6ea5e95be75702110cd30008abe060bf173b1138efa1cf4182
SHA512: 4e64fb6a6b13e8fb5e394ddd454812b8cc909bb3ccb2568c7df6400ec2d5c62c22f23248bc5461806794e78794d7c31ab5a168f60d099ad1956e8884c49849fa
SSDEEP: 49152:3SUl6vD5DxN6HHLJFw/QiMIUpm5T864rlRpqhhicCaMD1D7/KOPAn+4Sm6EO:3SSwD5DxkWbMIUpm5Krwh6aqwsXZmG
Static task: static1
Behavioral task: behavioral1
Sample: 1db1abe048a6eb6ea5e95be75702110cd30008abe060bf173b1138efa1cf4182.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted: risepro
C2: 147.45.47.93:58709
Targets
Target: 1db1abe048a6eb6ea5e95be75702110cd30008abe060bf173b1138efa1cf4182
Size: 2.2MB
MD5: 452980e09a3ff395d06df0cdec8ad94c
SHA1: d774efedd2c17d12f6da63b270843edfeab43b9f
SHA256: 1db1abe048a6eb6ea5e95be75702110cd30008abe060bf173b1138efa1cf4182
SHA512: 4e64fb6a6b13e8fb5e394ddd454812b8cc909bb3ccb2568c7df6400ec2d5c62c22f23248bc5461806794e78794d7c31ab5a168f60d099ad1956e8884c49849fa
SSDEEP: 49152:3SUl6vD5DxN6HHLJFw/QiMIUpm5T864rlRpqhhicCaMD1D7/KOPAn+4Sm6EO:3SSwD5DxkWbMIUpm5Krwh6aqwsXZmG
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger