General
-
Target
89a5f8d107ccd6e4f33c46d8f2537ecef2d40ce7ced886abe612d987e083230b
-
Size
2.3MB
-
Sample
240425-ds4hmaee8s
-
MD5
6df079b2ef158596cb5df9d964a69561
-
SHA1
9a9e9100eae04e840f1cc260b525291d5939459f
-
SHA256
89a5f8d107ccd6e4f33c46d8f2537ecef2d40ce7ced886abe612d987e083230b
-
SHA512
0ab0629726db0432d965c4736fc96ef5f4b84e24478f0917095091aabaee904afadc4d229ecc256857bdddc5609d6044ead147b02513ed35571a54c1a1c2c874
-
SSDEEP
49152:/g69SebPPiKgYy0b7gTXNunBngXI+dM7zjUfaZ542Inh8RGdbCME6Om:/g69SebiUSKBngXInjU+TYGQdb7Om
Static task
static1
Behavioral task
behavioral1
Sample
89a5f8d107ccd6e4f33c46d8f2537ecef2d40ce7ced886abe612d987e083230b.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
89a5f8d107ccd6e4f33c46d8f2537ecef2d40ce7ced886abe612d987e083230b
-
Size
2.3MB
-
MD5
6df079b2ef158596cb5df9d964a69561
-
SHA1
9a9e9100eae04e840f1cc260b525291d5939459f
-
SHA256
89a5f8d107ccd6e4f33c46d8f2537ecef2d40ce7ced886abe612d987e083230b
-
SHA512
0ab0629726db0432d965c4736fc96ef5f4b84e24478f0917095091aabaee904afadc4d229ecc256857bdddc5609d6044ead147b02513ed35571a54c1a1c2c874
-
SSDEEP
49152:/g69SebPPiKgYy0b7gTXNunBngXI+dM7zjUfaZ542Inh8RGdbCME6Om:/g69SebiUSKBngXInjU+TYGQdb7Om
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-