General
-
Target
53f366fc64fdbe3ec691ece3f72c08de7af04a2fbd2fa27f574f8a89c79da527
-
Size
2.3MB
-
Sample
240610-ky5ffafe46
-
MD5
da0737569632193670e6246b4e9bd33f
-
SHA1
6705fae1c48eaa56feaf3c2d92c77f4158080cb3
-
SHA256
53f366fc64fdbe3ec691ece3f72c08de7af04a2fbd2fa27f574f8a89c79da527
-
SHA512
564d97f8da951e75825ff1b4c5f57c00d47b5fec62fe1deaa925b2c918612e357abcb7d23278d18e9ce7e9e5688adf21b468478c3093b6992e55ffd72d377c87
-
SSDEEP
49152:JWuELMWqbLJI7dr0kqxfKefMujRz/KU7a+XoW+ArC0kHHuIaZLR3Q1X:J/WcLJkqkVHujNKU7CAr4uIaZLR3Q1
Static task
static1
Behavioral task
behavioral1
Sample
53f366fc64fdbe3ec691ece3f72c08de7af04a2fbd2fa27f574f8a89c79da527.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
risepro
77.91.77.67:58709
Targets
-
-
Target
53f366fc64fdbe3ec691ece3f72c08de7af04a2fbd2fa27f574f8a89c79da527
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-