General
Target: b59c07e20009d0d29676f63157ff423a4cb9109bfe78c835306889c883871b14
Size: 2.3MB
Sample: 240428-kbm8msbf74
MD5: 5480801f824e2c45f0c5b6fd1bf04041
SHA1: 78c00470d0247179f8f77aa796e22d540e8e8e6f
SHA256: b59c07e20009d0d29676f63157ff423a4cb9109bfe78c835306889c883871b14
SHA512: eb79a5d51db37fe3937d3de69ce6cfd41e48973a789c9beade22475b7a6efc9ee42c933e891ab5b87278f492f2261252b5fab9456b199d7331994d8b9539b2a7
SSDEEP: 49152:eg69SebPPiKgYyyP/F3QK8joZcyoQrtbnFlwzNVUF+ppKcH9feZ:eg69SebiOF3X802y1thKzHTScd2
Static task: static1
Behavioral task: behavioral1
Sample: b59c07e20009d0d29676f63157ff423a4cb9109bfe78c835306889c883871b14.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Suspicious use of NtSetInformationThreadHideFromDebugger