General
-
Target
21395b199ff788decd7b2f416ac2d80682f856ca729f695586c8aec71b333916
-
Size
2.3MB
-
Sample
240425-plv4fsag34
-
MD5
7b7a3eb9fd9cbcc795bcf8347c8e41a3
-
SHA1
c52c237ffe963889c590478b31a2c91e7a4fb316
-
SHA256
21395b199ff788decd7b2f416ac2d80682f856ca729f695586c8aec71b333916
-
SHA512
e9543e61c7ff8095572275db92f89baa8202cc7a742cef92be1337030105dbbb9a953e8f2c2f67aac731f10652dc27341741807e432c00c268cf704a4ed1b087
-
SSDEEP
49152:7g69SebPPiKgYyXRR54JUvaGdeebBRVJ7Z9WG01iDtlM8t:7g69SebiMUoOVtWqZlN
Static task
static1
Behavioral task
behavioral1
Sample
21395b199ff788decd7b2f416ac2d80682f856ca729f695586c8aec71b333916.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
21395b199ff788decd7b2f416ac2d80682f856ca729f695586c8aec71b333916
-
Size
2.3MB
-
MD5
7b7a3eb9fd9cbcc795bcf8347c8e41a3
-
SHA1
c52c237ffe963889c590478b31a2c91e7a4fb316
-
SHA256
21395b199ff788decd7b2f416ac2d80682f856ca729f695586c8aec71b333916
-
SHA512
e9543e61c7ff8095572275db92f89baa8202cc7a742cef92be1337030105dbbb9a953e8f2c2f67aac731f10652dc27341741807e432c00c268cf704a4ed1b087
-
SSDEEP
49152:7g69SebPPiKgYyXRR54JUvaGdeebBRVJ7Z9WG01iDtlM8t:7g69SebiMUoOVtWqZlN
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-