General
Target: 9757b9f1a519c581003246b250536c8d118d0ca5512d46e7702f8899fd806637
Size: 2.3MB
Sample: 240526-s98k8sce46
MD5: 67c6941d81c16d10d1d6dd886ee965b7
SHA1: 2cb4a573f39d389e3b79d00a8309a79c90c6a988
SHA256: 9757b9f1a519c581003246b250536c8d118d0ca5512d46e7702f8899fd806637
SHA512: a06c6cfc9fe4008e4d1a1aab6980e99712b4d7b332f35c1e8a6842fd2c1f6ab782097216df37eb68ba593ed62bd349e278f3231d9fedb2a69129a0e61b18175e
SSDEEP: 49152:7kmKhyq24kI3qebVa0RSJFPXqBGScpNl0fnRc2FuFE:7kmKEqlkAbkjJFRScDuPu0uC
Static task: static1
Behavioral task: behavioral1
Sample: 9757b9f1a519c581003246b250536c8d118d0ca5512d46e7702f8899fd806637.exe
Resource: win10v2004-20240226-en
Behavioral task: behavioral2
Sample: 9757b9f1a519c581003246b250536c8d118d0ca5512d46e7702f8899fd806637.exe
Resource: win11-20240508-en
Malware Config
Extracted
risepro
147.45.47.126:58709
Targets
-
-
Target
9757b9f1a519c581003246b250536c8d118d0ca5512d46e7702f8899fd806637
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-