General
-
Target
5c76ff1bf069e59b4fb85fb36a5e0af1b04c9d7111d109123e26d171aeec1646
-
Size
2.3MB
-
Sample
240603-dz3vnshe7z
-
MD5
1bdd39c5cdde55cedeaa6d5b3c5ce683
-
SHA1
0d6bf23bd2b9156d6a84e56528e9a68e3ddcb9f0
-
SHA256
5c76ff1bf069e59b4fb85fb36a5e0af1b04c9d7111d109123e26d171aeec1646
-
SHA512
55e3ae5583925525eee8499254a42e9ed7dc8ad4ab10834ff6428cdbf513d25cbdd1539721dcad20c3b0d974e45b9a47223e08338eacb1b3304c61e1377b0187
-
SSDEEP
49152:OkmKhyq24kI3qebVa9Vu14+SdKGw7SBKkA3Y:OkmKEqlkAbkz3+SdKGw7kA
Static task
static1
Behavioral task
behavioral1
Sample
5c76ff1bf069e59b4fb85fb36a5e0af1b04c9d7111d109123e26d171aeec1646.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
risepro
147.45.47.126:58709
Targets
-
-
Target
5c76ff1bf069e59b4fb85fb36a5e0af1b04c9d7111d109123e26d171aeec1646
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-