General
-
Target
c8c59d2e18e78218a8b6d7fdd7bea93da2a5c41df037fac7cfe70b13491eeccb
-
Size
2.3MB
-
Sample
240527-aqws8ahe6v
-
MD5
73afa0f2000311df373d12364a5d623f
-
SHA1
9f54ddcca502cd0a9212dc9a713096a76ac2c0e4
-
SHA256
c8c59d2e18e78218a8b6d7fdd7bea93da2a5c41df037fac7cfe70b13491eeccb
-
SHA512
a885cdb4e73d6190e2303ab1a67608b043086d7d6885d7743273eff6fe73a795658ce325ed933863fb1a494601bfdd3fd7d00e87cf46fbfdc6d400911b9286e8
-
SSDEEP
49152:bkmKhyq24kI3qebVa3U4hGTkAyXAnXQNMUpP3YXmsQb1CoLchoEB18h89w:bkmKEqlkAbk3J8bnXQNMc3WJQbAoq8S
Static task
static1
Behavioral task
behavioral1
Sample
c8c59d2e18e78218a8b6d7fdd7bea93da2a5c41df037fac7cfe70b13491eeccb.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
risepro
147.45.47.126:58709
Targets
-
-
Target
c8c59d2e18e78218a8b6d7fdd7bea93da2a5c41df037fac7cfe70b13491eeccb
-
Size
2.3MB
-
MD5
73afa0f2000311df373d12364a5d623f
-
SHA1
9f54ddcca502cd0a9212dc9a713096a76ac2c0e4
-
SHA256
c8c59d2e18e78218a8b6d7fdd7bea93da2a5c41df037fac7cfe70b13491eeccb
-
SHA512
a885cdb4e73d6190e2303ab1a67608b043086d7d6885d7743273eff6fe73a795658ce325ed933863fb1a494601bfdd3fd7d00e87cf46fbfdc6d400911b9286e8
-
SSDEEP
49152:bkmKhyq24kI3qebVa3U4hGTkAyXAnXQNMUpP3YXmsQb1CoLchoEB18h89w:bkmKEqlkAbk3J8bnXQNMc3WJQbAoq8S
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-