General
-
Target
39f642912d55b4a8c00454d0885c2e1cddf7bcec4e4306db01efc7134b87bca9
-
Size
2.3MB
-
Sample
240428-mxjhpaec5s
-
MD5
4e99ba5bb9f90094f71e10b7b06910fe
-
SHA1
c89ea7a85924f2eeb6b42f375b1a960769590749
-
SHA256
39f642912d55b4a8c00454d0885c2e1cddf7bcec4e4306db01efc7134b87bca9
-
SHA512
ff4085d7dc54231d60db6c6bd5c18ec7ffef83addc4db6556770f1a8f727a8dbe54f80825dc80bd0c0bcb44d41f1728ddca11685a91f35b68aba6f0825da6907
-
SSDEEP
49152:Xg69SebPPiKgYyoDPkDxHxxrfXF7OtWucETJxqOC4xxg8J:Xg69SebiWzkdTwtWucETTqOVj7
Static task
static1
Behavioral task
behavioral1
Sample
39f642912d55b4a8c00454d0885c2e1cddf7bcec4e4306db01efc7134b87bca9.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
39f642912d55b4a8c00454d0885c2e1cddf7bcec4e4306db01efc7134b87bca9
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-