General
-
Target
a0a7ee071a58c6129607ede2c6e57d3a5e6cafc20704bf7e42ad327d066f844f
-
Size
2.4MB
-
Sample
240609-lwcs3shg24
-
MD5
5b270cffe4ce8209280719096176af78
-
SHA1
3fda4b5c113b5488fe4b2561efbafd851105ba0d
-
SHA256
a0a7ee071a58c6129607ede2c6e57d3a5e6cafc20704bf7e42ad327d066f844f
-
SHA512
7e7456855dbc28dce4c021c6052367aec8175b67658fcac90948f505926a693f6d1d4fbe555b641b070e8aff68f5e4a7ccd11c6179c33c29ca9bb525a65baef7
-
SSDEEP
49152:WJ73YKLmDeDOiLGgQLeOdRl/aMlUaWg5lRcUCy20VozILd:WVnKDeDORge77RcUZV5d
Static task
static1
Behavioral task
behavioral1
Sample
a0a7ee071a58c6129607ede2c6e57d3a5e6cafc20704bf7e42ad327d066f844f.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
risepro
147.45.47.126:58709
Targets
-
-
Target
a0a7ee071a58c6129607ede2c6e57d3a5e6cafc20704bf7e42ad327d066f844f
-
Size
2.4MB
-
MD5
5b270cffe4ce8209280719096176af78
-
SHA1
3fda4b5c113b5488fe4b2561efbafd851105ba0d
-
SHA256
a0a7ee071a58c6129607ede2c6e57d3a5e6cafc20704bf7e42ad327d066f844f
-
SHA512
7e7456855dbc28dce4c021c6052367aec8175b67658fcac90948f505926a693f6d1d4fbe555b641b070e8aff68f5e4a7ccd11c6179c33c29ca9bb525a65baef7
-
SSDEEP
49152:WJ73YKLmDeDOiLGgQLeOdRl/aMlUaWg5lRcUCy20VozILd:WVnKDeDORge77RcUZV5d
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-