General
Target: 60d519f6102d10fb77719485db128f0648169570e51f7574a20ece8e65f961db
Size: 2.2MB
Sample: 240415-jq8mfscc6z
MD5: bceac58730411c72be03fa0f34ed64ab
SHA1: 4f90bd7b5d36858965793fcaa538e3c0bd937227
SHA256: 60d519f6102d10fb77719485db128f0648169570e51f7574a20ece8e65f961db
SHA512: 4e4f702c6022d42b25ba9544c4655b60164243c8fcb716a918d501eb8ec115d5bffb152b9f2cf158879918e6b72176c7e5d4f2e6b3af999915d5ad66d2bbad27
SSDEEP: 49152:KSUl6vD5DxN6HHLJ9taKrOG+jPSopfyQKTQw5X5ysu:KSSwD5Dxk3yj4+
Static task
static1
Behavioral task
behavioral1
Sample
60d519f6102d10fb77719485db128f0648169570e51f7574a20ece8e65f961db.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
risepro
147.45.47.93:58709
Targets
-
-
Target
60d519f6102d10fb77719485db128f0648169570e51f7574a20ece8e65f961db
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-