General
-
Target
a9d314a6d8702724f8d0453da88cf6b7a64b0b0d258bc60e3802da85711276ec
-
Size
2.3MB
-
Sample
240608-yrbrfafe6t
-
MD5
1fccdb19bf9c772c794f794e0542496c
-
SHA1
60d9cbcff6f470596369c0469ffbd94ff3527bd0
-
SHA256
a9d314a6d8702724f8d0453da88cf6b7a64b0b0d258bc60e3802da85711276ec
-
SHA512
1ac1d75e4d0518a5ac328c84f34416eb1a1783b0e7124fb26a247aaf7645f38f9e9a08c6f8f779ffc95b7dbc1efa5fb7e1aa268747f37081c7b4ce7bb86f166b
-
SSDEEP
49152:YXLH4TKeZ9o3v24w71kiqbkld5hHVopzXINp76kPFF:Y7Koxid8kCzXINpf
Static task
static1
Behavioral task
behavioral1
Sample
a9d314a6d8702724f8d0453da88cf6b7a64b0b0d258bc60e3802da85711276ec.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
risepro
147.45.47.126:58709
Targets
-
-
Target
a9d314a6d8702724f8d0453da88cf6b7a64b0b0d258bc60e3802da85711276ec
-
Size
2.3MB
-
MD5
1fccdb19bf9c772c794f794e0542496c
-
SHA1
60d9cbcff6f470596369c0469ffbd94ff3527bd0
-
SHA256
a9d314a6d8702724f8d0453da88cf6b7a64b0b0d258bc60e3802da85711276ec
-
SHA512
1ac1d75e4d0518a5ac328c84f34416eb1a1783b0e7124fb26a247aaf7645f38f9e9a08c6f8f779ffc95b7dbc1efa5fb7e1aa268747f37081c7b4ce7bb86f166b
-
SSDEEP
49152:YXLH4TKeZ9o3v24w71kiqbkld5hHVopzXINp76kPFF:Y7Koxid8kCzXINpf
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-