General
-
Target
8c8b65fce477cae2b3c6838e1e1c753036c86d12b86dabcf3c1e6b8a69673868
-
Size
2.3MB
-
Sample
240604-edzfsscg63
-
MD5
af230c4f7e5a9481c77cf853f4aa2192
-
SHA1
b11e47ef62ee3d477be3fab596f28aa424e9b5f8
-
SHA256
8c8b65fce477cae2b3c6838e1e1c753036c86d12b86dabcf3c1e6b8a69673868
-
SHA512
addfd9c5e1fa6f4b177016df5afe3dd7f3ee2ab630d46dd368afc1f50cb476c7935befef2e34a58792e1f9313e31d0ac1c4c55150655aeb52cd39f7cf0de4a3c
-
SSDEEP
49152:XkmKhyq24kI3qebVaxSCFhUEuaAAOCnJ0zG+qxaTjo7:XkmKEqlkAbkxz3WVzGGP
Static task
static1
Behavioral task
behavioral1
Sample
8c8b65fce477cae2b3c6838e1e1c753036c86d12b86dabcf3c1e6b8a69673868.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
risepro
147.45.47.126:58709
Targets
-
-
Target
8c8b65fce477cae2b3c6838e1e1c753036c86d12b86dabcf3c1e6b8a69673868
-
Size
2.3MB
-
MD5
af230c4f7e5a9481c77cf853f4aa2192
-
SHA1
b11e47ef62ee3d477be3fab596f28aa424e9b5f8
-
SHA256
8c8b65fce477cae2b3c6838e1e1c753036c86d12b86dabcf3c1e6b8a69673868
-
SHA512
addfd9c5e1fa6f4b177016df5afe3dd7f3ee2ab630d46dd368afc1f50cb476c7935befef2e34a58792e1f9313e31d0ac1c4c55150655aeb52cd39f7cf0de4a3c
-
SSDEEP
49152:XkmKhyq24kI3qebVaxSCFhUEuaAAOCnJ0zG+qxaTjo7:XkmKEqlkAbkxz3WVzGGP
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-