General
Target: db10becf566129f697ba1aefb04be44a00e457caedf3119805596cf2653e4e1e.exe
Size: 2.3MB
Sample: 240524-yjhj1shc73
MD5: 6f5164478f19c96e87813cf2b98bad2b
SHA1: 0ce75b9a57e668bcbac62e51c4d1f94046926553
SHA256: db10becf566129f697ba1aefb04be44a00e457caedf3119805596cf2653e4e1e
SHA512: 11bfd29e51ad8ec0d41a638f91e70c7e5f26fea1a9fb7ee48bb1bcddfc2377d800a764b0a4cc949eae39c7f79b48be9759522e38c7ec08f99c477f645eec8afb
SSDEEP: 49152:CkmKhyq24kI3qebVaWhI1Ac5YKF3ff6/nh3sXo+JY/6hHiwJW8UT:CkmKEqlkAbkmO5JPjCIhJW
Static task: static1
Behavioral task: behavioral1
Sample: db10becf566129f697ba1aefb04be44a00e457caedf3119805596cf2653e4e1e.exe
Resource: win7-20240221-en
Malware Config
Extracted: risepro
147.45.47.126:58709
Targets
Target: db10becf566129f697ba1aefb04be44a00e457caedf3119805596cf2653e4e1e.exe
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys: Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger