General
-
Target
034cc33311c185dd6991ddbabd1b60274594aa933167767e8f19547127d2589f
-
Size
2.3MB
-
Sample
240524-vcfv3ach82
-
MD5
e76f9dee3c9f5db6ad239874d620b482
-
SHA1
fefeb473d825ca67302eb97915dc8aed73c30a6b
-
SHA256
034cc33311c185dd6991ddbabd1b60274594aa933167767e8f19547127d2589f
-
SHA512
a962d6b10d10c247a6b6cd34168282c9c8d2d2a617fb7929fafe586b825d3de9cb8681ad75caf34edefa44134ad969bd7e04bd2622883a083b44d28d0b2c39d9
-
SSDEEP
49152:vkmKhyq24kI3qebVaHAMB0q6/0NvoLEywpehnTBPbHXx/7I:vkmKEqlkAbkH0OAEuhn9Pb3BI
Static task
static1
Behavioral task
behavioral1
Sample
034cc33311c185dd6991ddbabd1b60274594aa933167767e8f19547127d2589f.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
risepro
147.45.47.126:58709
Targets
-
-
Target
034cc33311c185dd6991ddbabd1b60274594aa933167767e8f19547127d2589f
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-