General
-
Target
277a3b397637247ba4d2553884926989f236598d7a9749e179ea6aa0bf5478db
-
Size
2.2MB
-
Sample
240603-fge21aca4y
-
MD5
f7ad7b45c9206a6e8c2e0d277854f65c
-
SHA1
8dc96a1c2ca5e813e2d0684e41d8a7a1b3f3f623
-
SHA256
277a3b397637247ba4d2553884926989f236598d7a9749e179ea6aa0bf5478db
-
SHA512
570cbdeebd7ceb864604e4e765a77607fd3d08787b9e2156094857a3498e5847e5c8f64c5e31fd273b9a6d1e8b8c308453d976bee5b700ae22d0ae421c81264b
-
SSDEEP
49152:wkmKhyq24kI3qebVa1Jlp94xaHAlqg8Ld0Kpa1HKtpABjL5mFJf/kdb0:wkmKEqlkAbk1nsxmAlqg8LqKU1HiShmz
Static task
static1
Behavioral task
behavioral1
Sample
277a3b397637247ba4d2553884926989f236598d7a9749e179ea6aa0bf5478db.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral2
Sample
277a3b397637247ba4d2553884926989f236598d7a9749e179ea6aa0bf5478db.exe
Resource
win11-20240419-en
Malware Config
Extracted
risepro
147.45.47.126:58709
Targets
-
-
Target
277a3b397637247ba4d2553884926989f236598d7a9749e179ea6aa0bf5478db
-
Size
2.2MB
-
MD5
f7ad7b45c9206a6e8c2e0d277854f65c
-
SHA1
8dc96a1c2ca5e813e2d0684e41d8a7a1b3f3f623
-
SHA256
277a3b397637247ba4d2553884926989f236598d7a9749e179ea6aa0bf5478db
-
SHA512
570cbdeebd7ceb864604e4e765a77607fd3d08787b9e2156094857a3498e5847e5c8f64c5e31fd273b9a6d1e8b8c308453d976bee5b700ae22d0ae421c81264b
-
SSDEEP
49152:wkmKhyq24kI3qebVa1Jlp94xaHAlqg8Ld0Kpa1HKtpABjL5mFJf/kdb0:wkmKEqlkAbk1nsxmAlqg8LqKU1HiShmz
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-