General
-
Target
1706b6e384625b11dd71272e5cced20a405d1056bcb391bdec7279db53391b55.exe
-
Size
1.4MB
-
Sample
240522-bjyvnsfe99
-
MD5
52bede61623a0c057bf15fbf3e581791
-
SHA1
6c19424b439d91bdb271be393d9ecf9abee38b63
-
SHA256
1706b6e384625b11dd71272e5cced20a405d1056bcb391bdec7279db53391b55
-
SHA512
abd178b596e1b55b12da1367f2e8b59f19623c4b5cdc5f6428ce1864ef71b5ca7529e8434d5a16938912ee41a24a5a8a5f0debc3b8f88e1dda8d47674c0b3a73
-
SSDEEP
24576:Xpq+MpSKPWl41uYCpMgw9PMpQhJrt8GHRNGlqaMQw+3zZPlx8xnZgSRhXM7pZDE:XZMp1TuYCpMgwepQDt8mGzMJ+jFIg48k
Malware Config
Targets
-
-
Target
1706b6e384625b11dd71272e5cced20a405d1056bcb391bdec7279db53391b55.exe
-
Size
1.4MB
-
MD5
52bede61623a0c057bf15fbf3e581791
-
SHA1
6c19424b439d91bdb271be393d9ecf9abee38b63
-
SHA256
1706b6e384625b11dd71272e5cced20a405d1056bcb391bdec7279db53391b55
-
SHA512
abd178b596e1b55b12da1367f2e8b59f19623c4b5cdc5f6428ce1864ef71b5ca7529e8434d5a16938912ee41a24a5a8a5f0debc3b8f88e1dda8d47674c0b3a73
-
SSDEEP
24576:Xpq+MpSKPWl41uYCpMgw9PMpQhJrt8GHRNGlqaMQw+3zZPlx8xnZgSRhXM7pZDE:XZMp1TuYCpMgwepQDt8mGzMJ+jFIg48k
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-