General
-
Target
ee780282be7d2d26117579c7c4cca17c5636da81a168c56bb6ae91379cc63191
-
Size
928KB
-
Sample
240524-c6jjyaad57
-
MD5
cb8ed55ba94fc462b98a208545525ab6
-
SHA1
40f20b21f1bb46fd2e8799eabda75ae86567ec2f
-
SHA256
ee780282be7d2d26117579c7c4cca17c5636da81a168c56bb6ae91379cc63191
-
SHA512
abbcd9c1085f95d0328488c580a59cba4c70e38f7c83137a0c740bf8271a0bce387655e8ab9ef01fbfb92f047ec00c883b079aa18966bb5df5217284b8feecf4
-
SSDEEP
12288:Do4UXOwRN5ZwWSGolX1T/NA6KFTg2oRmWW4NX/Z1GurgCbNK3BaEanxEHHhNJMgv:SN5ZtS3x/v2oRmW1N5rpIapnahpI
Malware Config
Targets
-
-
Target
ee780282be7d2d26117579c7c4cca17c5636da81a168c56bb6ae91379cc63191
-
Size
928KB
-
MD5
cb8ed55ba94fc462b98a208545525ab6
-
SHA1
40f20b21f1bb46fd2e8799eabda75ae86567ec2f
-
SHA256
ee780282be7d2d26117579c7c4cca17c5636da81a168c56bb6ae91379cc63191
-
SHA512
abbcd9c1085f95d0328488c580a59cba4c70e38f7c83137a0c740bf8271a0bce387655e8ab9ef01fbfb92f047ec00c883b079aa18966bb5df5217284b8feecf4
-
SSDEEP
12288:Do4UXOwRN5ZwWSGolX1T/NA6KFTg2oRmWW4NX/Z1GurgCbNK3BaEanxEHHhNJMgv:SN5ZtS3x/v2oRmW1N5rpIapnahpI
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-