General
Target: 0bbb8c7517edee458961ce3b9f45df32cac596256256c884ed615797b34072aa
Size: 2.3MB
Sample: 240610-mkw81sge55
MD5: ac265e8fa696e8cf92f7c22e353ff89e
SHA1: eee027520c683f85ddb56f35c11d2d91592de077
SHA256: 0bbb8c7517edee458961ce3b9f45df32cac596256256c884ed615797b34072aa
SHA512: fdd9191ba22dc632f8ec7f0d12d4e536bd3a765a869f9fb87184465b9408d250f451d375f65dad8abdb223953a8009e4c72562f34316c15786ccff38aa1bc431
SSDEEP: 49152:Jc4QJhbDoMsl3vtr14YXQ0OgftRPPb0oW2ZgtxyAH0CBUpTwG0fx3W:W4UjS3vtBjA0JzFngtxyAH0CB9G0fxm
Static task: static1
Behavioral task: behavioral1
Sample: 0bbb8c7517edee458961ce3b9f45df32cac596256256c884ed615797b34072aa.exe
Resource: win10v2004-20240426-en
Malware Config
Extracted
risepro
77.91.77.67:58709
Targets
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Suspicious use of NtSetInformationThreadHideFromDebugger