General
-
Target
8c33202269a26454745bd6cd23fa0ab9bd5cd1d6c43afc84e1a0272fe956851c
-
Size
2.3MB
-
Sample
240428-hvdr7sag4v
-
MD5
06651d13c6c39eff6dfcb22113baa1bb
-
SHA1
c529dab703ed83ded5b9cc1bb42f08af963e7247
-
SHA256
8c33202269a26454745bd6cd23fa0ab9bd5cd1d6c43afc84e1a0272fe956851c
-
SHA512
14232aa3223b8f27a68504e920dbd092c438242d430bddbb1f3f1a0f2789364a708b074bdacf305cbd173941a33ca4b79c745f11867341cdf2b3ae91115c3c5c
-
SSDEEP
49152:cg69SebPPiKgYyI7ukYtd4WTDb/iCEVQdliEvhlN:cg69Sebimz+iCEVQSEd
Static task
static1
Behavioral task
behavioral1
Sample
8c33202269a26454745bd6cd23fa0ab9bd5cd1d6c43afc84e1a0272fe956851c.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
8c33202269a26454745bd6cd23fa0ab9bd5cd1d6c43afc84e1a0272fe956851c
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-