General
-
Target
e63f30968164860ee9552144b9a2def55caf528cc684169396dc8041f721f143
-
Size
2.3MB
-
Sample
240425-lv7xtshe9v
-
MD5
f40b677390c3e84f7e66f3154d9f2774
-
SHA1
b8c787012fe05f52e2b925104e219de97a032c52
-
SHA256
e63f30968164860ee9552144b9a2def55caf528cc684169396dc8041f721f143
-
SHA512
c66bb848b462ef22557946c2e84d2bfa5878512bdf68d51899703b074b6565e85cd93fa5c9be2c035daa095352d6e4a1618561c2aa94e2f06a655e10d74d2391
-
SSDEEP
49152:Qg69SebPPiKgYye1m9ARCKswlBNBWm0OE8/fAnzlXPTdM:Qg69SebiimmBNBWDm6zdPTdM
Static task
static1
Behavioral task
behavioral1
Sample
e63f30968164860ee9552144b9a2def55caf528cc684169396dc8041f721f143.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
e63f30968164860ee9552144b9a2def55caf528cc684169396dc8041f721f143
-
Size
2.3MB
-
MD5
f40b677390c3e84f7e66f3154d9f2774
-
SHA1
b8c787012fe05f52e2b925104e219de97a032c52
-
SHA256
e63f30968164860ee9552144b9a2def55caf528cc684169396dc8041f721f143
-
SHA512
c66bb848b462ef22557946c2e84d2bfa5878512bdf68d51899703b074b6565e85cd93fa5c9be2c035daa095352d6e4a1618561c2aa94e2f06a655e10d74d2391
-
SSDEEP
49152:Qg69SebPPiKgYye1m9ARCKswlBNBWm0OE8/fAnzlXPTdM:Qg69SebiimmBNBWDm6zdPTdM
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-