General
-
Target
6637348539dde9a51296eeac3b8e553ccb9c9f75b7d87230b2a4506d9d69f8ae
-
Size
2.3MB
-
Sample
240428-d1zjmsfd81
-
MD5
7297a98a1478a35a5c26cb70c39e1544
-
SHA1
eda7e0ea3c32879de4fcbdc0ca47c47e033a9460
-
SHA256
6637348539dde9a51296eeac3b8e553ccb9c9f75b7d87230b2a4506d9d69f8ae
-
SHA512
3d57847631080a34ea7776a66d9ff26adeed817be256def5dece9ff1a6e7cb26a709a444f48465c67c04fa30c899440e773bacd0631318bcae82fa6e25963bc5
-
SSDEEP
49152:Vg69SebPPiKgYyXQWPVtgS4J0kG0ccpyhRmONh1TfaNi8CAgb:Vg69Sebi/PVl0FqrN3TfaNZCAs
Static task
static1
Behavioral task
behavioral1
Sample
6637348539dde9a51296eeac3b8e553ccb9c9f75b7d87230b2a4506d9d69f8ae.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-