General
-
Target
cde5402ba08edd3655b6f37b9f3816d6fd99fa71cb9e6fe9fc5e5c74ae0de03a
-
Size
2.3MB
-
Sample
240526-lty9aseh65
-
MD5
3d654eff239a2fa0ed83590a7b855de3
-
SHA1
c2f93395c0515823f1500d8335d047a66c78001b
-
SHA256
cde5402ba08edd3655b6f37b9f3816d6fd99fa71cb9e6fe9fc5e5c74ae0de03a
-
SHA512
777d74fa7252c7133dbb9a5a138001959001b1c7cd5768d44f19d85a60ed55bee1811b3fae6afbecdfc87897f0959d5f9278ec260bf75ac77da33460869be4c5
-
SSDEEP
49152:LkmKhyq24kI3qebVsIhwiK8owSfApeM+uB3I0sDnN0:LkmKEqlkAbmYjowoAkuB3I1T
Static task
static1
Behavioral task
behavioral1
Sample
cde5402ba08edd3655b6f37b9f3816d6fd99fa71cb9e6fe9fc5e5c74ae0de03a.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
risepro
147.45.47.126:58709
Targets
-
-
Target
cde5402ba08edd3655b6f37b9f3816d6fd99fa71cb9e6fe9fc5e5c74ae0de03a
-
Size
2.3MB
-
MD5
3d654eff239a2fa0ed83590a7b855de3
-
SHA1
c2f93395c0515823f1500d8335d047a66c78001b
-
SHA256
cde5402ba08edd3655b6f37b9f3816d6fd99fa71cb9e6fe9fc5e5c74ae0de03a
-
SHA512
777d74fa7252c7133dbb9a5a138001959001b1c7cd5768d44f19d85a60ed55bee1811b3fae6afbecdfc87897f0959d5f9278ec260bf75ac77da33460869be4c5
-
SSDEEP
49152:LkmKhyq24kI3qebVsIhwiK8owSfApeM+uB3I0sDnN0:LkmKEqlkAbmYjowoAkuB3I1T
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-