General
- Target: 75e9740f86c60769a9b514bee85957a98e4e0127d64e60066be264b40e556f51
- Size: 6.3MB
- Sample: 240526-j3ym1sch97
- MD5: a40eb5ef478792f602f53f3f7dc9974b
- SHA1: 0b4980f0451167eecbc4c079ec7e127df6546951
- SHA256: 75e9740f86c60769a9b514bee85957a98e4e0127d64e60066be264b40e556f51
- SHA512: e8428e3a1e12f55885ad83621fff188dc03bdd9c12495129a35081d895871ba6ff13295f642bf0037407b4e655c1d3bd9004c85f9387913191003b9dbd12805d
- SSDEEP: 196608:J3mtkG3tZ51kRLZWbvti90rW2Uo5hNK7sJkSJU:JSrtFkRoAirJ5vK7IkP
Static task: static1
Behavioral task: behavioral1
- Sample: 75e9740f86c60769a9b514bee85957a98e4e0127d64e60066be264b40e556f51.exe
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: 75e9740f86c60769a9b514bee85957a98e4e0127d64e60066be264b40e556f51.exe
- Resource: win10v2004-20240426-en
Malware Config
Targets
Score: 9/10
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
- Suspicious use of NtSetInformationThreadHideFromDebugger