General
-
Target
53e82e1b708bb135fd391f7955c37857915b15cfb43c543787f2374d18a4b3ea
-
Size
6.3MB
-
Sample
240525-vww2dscb77
-
MD5
33eb059ff7948256d2bb9f0c88097eda
-
SHA1
4e0581a813ac0054df77be99e20d454096ad31fe
-
SHA256
53e82e1b708bb135fd391f7955c37857915b15cfb43c543787f2374d18a4b3ea
-
SHA512
2109c685092aa1edd06ba4ca85298338b600a5a99df4e890c622919c95fd032dec3f9b86f17c62fd5ea5c9a0985601854bc5322a17c80dafb8bf80d819c26cde
-
SSDEEP
196608:JxV4sH/WTFW3LkdxW+sXDqm73Eagb0tiy:nVFHOTAQdxdIqgUDb0Ey
Static task
static1
Behavioral task
behavioral1
Sample
53e82e1b708bb135fd391f7955c37857915b15cfb43c543787f2374d18a4b3ea.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
53e82e1b708bb135fd391f7955c37857915b15cfb43c543787f2374d18a4b3ea.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
53e82e1b708bb135fd391f7955c37857915b15cfb43c543787f2374d18a4b3ea
-
Size
6.3MB
-
MD5
33eb059ff7948256d2bb9f0c88097eda
-
SHA1
4e0581a813ac0054df77be99e20d454096ad31fe
-
SHA256
53e82e1b708bb135fd391f7955c37857915b15cfb43c543787f2374d18a4b3ea
-
SHA512
2109c685092aa1edd06ba4ca85298338b600a5a99df4e890c622919c95fd032dec3f9b86f17c62fd5ea5c9a0985601854bc5322a17c80dafb8bf80d819c26cde
-
SSDEEP
196608:JxV4sH/WTFW3LkdxW+sXDqm73Eagb0tiy:nVFHOTAQdxdIqgUDb0Ey
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-