General
Target: Joinify.exe
Size: 45.8MB
Sample: 240609-ycsfmseg94
MD5: 63610cad101967401d6a580f655f4e1e
SHA1: 25f3c873e6ec16d1c62e703f8085cf3a72d51583
SHA256: b626f2b952633aabce2a7461ba1e296cceb00c595b752f322a070629d53d36b1
SHA512: 12c29e8aecc070570d084fd9ad29711f8194a734252e5041930f768e8feb0cc8ccd57d40403358f24237bf76664e767184b581ce1a1c968c682c713149461bc3
SSDEEP: 786432:himQ8daQ+fUTLJ5Cg2j6+s7LWB75zuqIdHaSV1Ji4OlDeaC9/JqrYEap9W2HC/Wy:hpQ8daQ+fUTd532qHWB75iqvSV9eO9pr
Behavioral task: behavioral1
Sample: Joinify.exe
Resource: win7-20240221-en
Malware Config
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger