General
-
Target
1b02cc8286140afd888884aecc988d8c0fadadacdc5e698d9fd722f7f8a24bf1
-
Size
2.3MB
-
Sample
240608-1apyvage7z
-
MD5
efd0f9ad7f32cf0ac20ee36f29df81d1
-
SHA1
ec4f07200151c45e92d4623cf7df1f4a614109df
-
SHA256
1b02cc8286140afd888884aecc988d8c0fadadacdc5e698d9fd722f7f8a24bf1
-
SHA512
e6c0e028463a62def447be5c672268c0255be383b0ddc22a2f26bd873f155c422bca30b1fe6c1499ed1b5f9ba7c1d137dd9d436dc241d3eb574820ddb4028658
-
SSDEEP
49152:Oinoazft6QV9anlMzH0vGiYtjo8S0px53wsmNjux7HLKDRO4nF:XoXv6o89Ys6jgPqRO4
Static task
static1
Behavioral task
behavioral1
Sample
1b02cc8286140afd888884aecc988d8c0fadadacdc5e698d9fd722f7f8a24bf1.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral2
Sample
1b02cc8286140afd888884aecc988d8c0fadadacdc5e698d9fd722f7f8a24bf1.exe
Resource
win11-20240426-en
Malware Config
Extracted
risepro
147.45.47.126:58709
Targets
-
-
Target
1b02cc8286140afd888884aecc988d8c0fadadacdc5e698d9fd722f7f8a24bf1
-
Size
2.3MB
-
MD5
efd0f9ad7f32cf0ac20ee36f29df81d1
-
SHA1
ec4f07200151c45e92d4623cf7df1f4a614109df
-
SHA256
1b02cc8286140afd888884aecc988d8c0fadadacdc5e698d9fd722f7f8a24bf1
-
SHA512
e6c0e028463a62def447be5c672268c0255be383b0ddc22a2f26bd873f155c422bca30b1fe6c1499ed1b5f9ba7c1d137dd9d436dc241d3eb574820ddb4028658
-
SSDEEP
49152:Oinoazft6QV9anlMzH0vGiYtjo8S0px53wsmNjux7HLKDRO4nF:XoXv6o89Ys6jgPqRO4
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-