General
-
Target
9ecc3b5790df3b2b616ef72698a36d826df66f21eacd62992889d192bc6c689f
-
Size
3.3MB
-
Sample
240524-d4vpvsbf25
-
MD5
eb0a839747cc8691605696ebabf92b22
-
SHA1
6b5ac79378f5cb533b92b38cab9aeb2be2857094
-
SHA256
9ecc3b5790df3b2b616ef72698a36d826df66f21eacd62992889d192bc6c689f
-
SHA512
28f3497f35acb11b25e8d6437e1cf7f9ca68317b0d9276248b6650b04586d945135e6477f0be3aae7bdba3233c516e0af0a1ea892be7c9ec4c2df18e295e3598
-
SSDEEP
98304:EZB7xMNqg1+RoXkFwGHOS8GeHE3Iv9UXRTBfJr:iB8T1+R8VGHN3G9+Rb
Static task
static1
Behavioral task
behavioral1
Sample
9ecc3b5790df3b2b616ef72698a36d826df66f21eacd62992889d192bc6c689f.exe
Resource
win7-20240419-en
Malware Config
Targets
Target
9ecc3b5790df3b2b616ef72698a36d826df66f21eacd62992889d192bc6c689f
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-