General
- Target: 89d583cb63576b8e8ee66b7360fa432109cb9ef63e49e5caac836e6ae57f4974
- Size: 2.3MB
- Sample: 240608-2chszsaa22
- MD5: 7f1eb66f4a068b8daf8924738a1e2d4e
- SHA1: 8a97156c6ec094fb61ed41ce9974803f01908a1d
- SHA256: 89d583cb63576b8e8ee66b7360fa432109cb9ef63e49e5caac836e6ae57f4974
- SHA512: 5319fe6cd13cb379c3a4fbe6b9d95b665fbbfc28d1307ceaf770800d9d43aba19abacc349ee2fe7993f6c9dacdf42ff647809b1ed506e4fca28773e6ae7c8d13
- SSDEEP: 49152:qz5S5P6vwF10IvU0jFwTJS7Ao7KTpDS2LId+OH5Vw:qzEgvW0Ic0jQUf+FS2LIdXZ+
Static task: static1
Behavioral task: behavioral1
Sample: 89d583cb63576b8e8ee66b7360fa432109cb9ef63e49e5caac836e6ae57f4974.exe
Resource: win10v2004-20240508-en
Malware Config
- Extracted: risepro
- 147.45.47.126:58709
Targets
- Target: 89d583cb63576b8e8ee66b7360fa432109cb9ef63e49e5caac836e6ae57f4974
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger