General

  • Target

    83a48d23d7275924507e6fa0d6eb5c6208bbe87092a0196c2b6fb52569624017

  • Size

    8.1MB

  • Sample

    240526-c35b8scf35

  • MD5

    aa7d24e31b22db35fd03000428eb18c0

  • SHA1

    0ac1025d43a989d01c343ed2fa85ed9387890da2

  • SHA256

    83a48d23d7275924507e6fa0d6eb5c6208bbe87092a0196c2b6fb52569624017

  • SHA512

    02f4363e484eb3f3c61b8e9c713807bd7efae5cef20f22e2b24f01c607a51619d95e44ca3250e08d2a9dd4e46ead3d9dfdcaff477efe7963739cc95ccc297e25

  • SSDEEP

    196608:OClQT7LY6gKF6NbDjkSm0+4V30FcTqCjJypGJkq0BATw:OClGA6gKF6yNFceCjeOkq0A

Score
9/10

Malware Config

Targets

  • Identifies VirtualBox via ACPI registry values (likely anti-VM)

  • Checks BIOS information in registry

    BIOS information is often read in order to detect sandboxing environments.

  • Identifies Wine through registry keys

    Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

  • Loads dropped DLL

  • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks