General
-
Target
8ceead46feb2d667c02b2db1354b110084ae52eda812d931b97e642fae1832c3
-
Size
2.3MB
-
Sample
240425-dvx4maef2w
-
MD5
b37a84600b729f9dc5880e55a6e7dd86
-
SHA1
9a61a5c1c1ebf03cd2cd5e079a025645a1828234
-
SHA256
8ceead46feb2d667c02b2db1354b110084ae52eda812d931b97e642fae1832c3
-
SHA512
7e68a3d5f66c5b1f99d59cc779623f55678f41d40a306436cb8d342e856982001cbcf45384e09760b662b86ad362bbf5fdea3f811a724314ad6905ef4240f3ad
-
SSDEEP
49152:+g69SebPPiKgYyPZh+6rACPUM8OjBt0CMg/dKDFfirkNn:+g69SebihLh8CsM8Ojf5igsn
Static task
static1
Behavioral task
behavioral1
Sample
8ceead46feb2d667c02b2db1354b110084ae52eda812d931b97e642fae1832c3.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
8ceead46feb2d667c02b2db1354b110084ae52eda812d931b97e642fae1832c3
-
Size
2.3MB
-
MD5
b37a84600b729f9dc5880e55a6e7dd86
-
SHA1
9a61a5c1c1ebf03cd2cd5e079a025645a1828234
-
SHA256
8ceead46feb2d667c02b2db1354b110084ae52eda812d931b97e642fae1832c3
-
SHA512
7e68a3d5f66c5b1f99d59cc779623f55678f41d40a306436cb8d342e856982001cbcf45384e09760b662b86ad362bbf5fdea3f811a724314ad6905ef4240f3ad
-
SSDEEP
49152:+g69SebPPiKgYyPZh+6rACPUM8OjBt0CMg/dKDFfirkNn:+g69SebihLh8CsM8Ojf5igsn
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-