General
-
Target
83a48d23d7275924507e6fa0d6eb5c6208bbe87092a0196c2b6fb52569624017
-
Size
8.1MB
-
Sample
240526-c35b8scf35
-
MD5
aa7d24e31b22db35fd03000428eb18c0
-
SHA1
0ac1025d43a989d01c343ed2fa85ed9387890da2
-
SHA256
83a48d23d7275924507e6fa0d6eb5c6208bbe87092a0196c2b6fb52569624017
-
SHA512
02f4363e484eb3f3c61b8e9c713807bd7efae5cef20f22e2b24f01c607a51619d95e44ca3250e08d2a9dd4e46ead3d9dfdcaff477efe7963739cc95ccc297e25
-
SSDEEP
196608:OClQT7LY6gKF6NbDjkSm0+4V30FcTqCjJypGJkq0BATw:OClGA6gKF6yNFceCjeOkq0A
Static task
static1
Behavioral task
behavioral1
Sample
83a48d23d7275924507e6fa0d6eb5c6208bbe87092a0196c2b6fb52569624017.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
83a48d23d7275924507e6fa0d6eb5c6208bbe87092a0196c2b6fb52569624017.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
83a48d23d7275924507e6fa0d6eb5c6208bbe87092a0196c2b6fb52569624017
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-