General

  • Target

    3acabf59ff4334f3b16d4dfc0e7a3973a6bb5bd2e2dba2008f9c6207583bf7c6

  • Size

    5.9MB

  • Sample

    240613-fjh7faydjr

  • MD5

    494dc8339f45b35d28eb37d6c4e6ca7c

  • SHA1

    a70e7b0077a6b4e8ab9821ce26fa477c116998ab

  • SHA256

    3acabf59ff4334f3b16d4dfc0e7a3973a6bb5bd2e2dba2008f9c6207583bf7c6

  • SHA512

    0c9cab3686161ca83a27a1d75937213557f80e317ecd8caa54fbe58107ace14fe5e781b3fda678d2e0e9afac2459c4865f7a90637ec14407360a535e3783f81e

  • SSDEEP

    98304:bfOEemp7lfuBLHn+ZY3Pq9EpK3QXAU+NBjQqIF2SIl4EE16DPZQ:72mp7lWBrnv3S66Q5+bQ1F2S

Score
9/10

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks