General
Target: b86a1826dcb480327e94708e9278eee024f2b3c2c2dbed17b9944d62888385aa
Size: 2.2MB
Sample: 240415-vccteabc38
MD5: 495d0121487de5a44c557a3209d842ec
SHA1: a2a0dbe3b86ae87c2f3c039b4914e0720e48a9bd
SHA256: b86a1826dcb480327e94708e9278eee024f2b3c2c2dbed17b9944d62888385aa
SHA512: 160f684ef6e66479a22177cfd2b1e6f2404d310f33f97eb2a3cc4545368a93277002b37822efa90c7ded6608b72bf03d627aed228447e980c56b32d5cb1502ba
SSDEEP: 49152:aSUl6vD5DxN6HHLJFwsMQF/Oc5hLD3oJX0SCqBojG37b0GKGe5XyKc:aSSwD5DxkVbV30ESCqTMWwX1c
Static task: static1
Behavioral task: behavioral1
Sample: b86a1826dcb480327e94708e9278eee024f2b3c2c2dbed17b9944d62888385aa.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted: risepro
147.45.47.93:58709
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys: Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger