General
-
Target
83005a046514086908281abad55d4f5cd1ed7a1af6671e85582b00d2d56d1a6b
-
Size
2.4MB
-
Sample
240610-mja96age26
-
MD5
b2b911e372fec90fc6e68f907ffd082f
-
SHA1
61688b5c8eb7897f2ff598f201d863cfe5f93c03
-
SHA256
83005a046514086908281abad55d4f5cd1ed7a1af6671e85582b00d2d56d1a6b
-
SHA512
cbb36d8f92449f550df89054a2a9d288b63bd3599973e337597e58799d5f2dc4706be9ada4bffc3450b8047fcea346d88955a722cc557ba1294c887e707754ef
-
SSDEEP
49152:ajGqTC8Ay2Qt57cMvFJ2ompBqSTa/jRudmoIF44u0TaULaFACmKJOB:aaB8XvcMbmhUjhohGTDLa1moO
Static task
static1
Behavioral task
behavioral1
Sample
83005a046514086908281abad55d4f5cd1ed7a1af6671e85582b00d2d56d1a6b.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
risepro
77.91.77.67:58709
Targets
-
-
Target
83005a046514086908281abad55d4f5cd1ed7a1af6671e85582b00d2d56d1a6b
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-