General
-
Target
a44f02929b8c9508ced5574c76d26f88c603d2cddf31e7bb9090aff2105d02bc
-
Size
2.3MB
-
Sample
240428-dyw1qsfa59
-
MD5
5a842c35e9aab671a4400663d77732b8
-
SHA1
bb6cfb671240efaf34bb9a0f6e05a90e3fafdd79
-
SHA256
a44f02929b8c9508ced5574c76d26f88c603d2cddf31e7bb9090aff2105d02bc
-
SHA512
e338558ce4ab2c1d8a00b7d82b3c9267656ec7da08c4baaa1b9016134812f35a79a9629500b5f7eb0b012cb42c5c32d9fbf236fd9c2deca895dfb89cc9a15797
-
SSDEEP
49152:Tg69SebPPiKgYycscsxq6ncf0Q+iSDu0TyQc/zFzrxnimqGW:Tg69SebiAGcdchTyQQp3xniQ
Static task
static1
Behavioral task
behavioral1
Sample
a44f02929b8c9508ced5574c76d26f88c603d2cddf31e7bb9090aff2105d02bc.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
a44f02929b8c9508ced5574c76d26f88c603d2cddf31e7bb9090aff2105d02bc
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-