General
-
Target
775a99be7c48b1e934ddb983bc59c4cd8bd80754d50fb7e8dfa129ddf6ef3189
-
Size
2.3MB
-
Sample
240608-vzjkgadg6x
-
MD5
6df652a18819cd33441c0fd41d405215
-
SHA1
9d657c8c211180c1e3a5699dea007bb70a86400b
-
SHA256
775a99be7c48b1e934ddb983bc59c4cd8bd80754d50fb7e8dfa129ddf6ef3189
-
SHA512
bf36f6ec37f36055f8cf3e5366cbc56e26d319890cad229c76725ea92a268e4ef7995ddb4ea6a322a28a295362d1e849b7100b10f021d58efd3cf6101cf1bfff
-
SSDEEP
49152:vbUTneP5Ucfrgdj01egDgFFoOa3SCHAlB2FyoHlY7CMZ2og1MQUnUFk1c03:IeUccd2HgF+OSALAHlY7Gog0nUF2
Static task
static1
Behavioral task
behavioral1
Sample
775a99be7c48b1e934ddb983bc59c4cd8bd80754d50fb7e8dfa129ddf6ef3189.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
risepro
147.45.47.126:58709
Targets
-
-
Target
775a99be7c48b1e934ddb983bc59c4cd8bd80754d50fb7e8dfa129ddf6ef3189
-
Size
2.3MB
-
MD5
6df652a18819cd33441c0fd41d405215
-
SHA1
9d657c8c211180c1e3a5699dea007bb70a86400b
-
SHA256
775a99be7c48b1e934ddb983bc59c4cd8bd80754d50fb7e8dfa129ddf6ef3189
-
SHA512
bf36f6ec37f36055f8cf3e5366cbc56e26d319890cad229c76725ea92a268e4ef7995ddb4ea6a322a28a295362d1e849b7100b10f021d58efd3cf6101cf1bfff
-
SSDEEP
49152:vbUTneP5Ucfrgdj01egDgFFoOa3SCHAlB2FyoHlY7CMZ2og1MQUnUFk1c03:IeUccd2HgF+OSALAHlY7Gog0nUF2
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-