General
Target: Growpai_4.59_6132024 (1).zip
Size: 13.6MB
Sample: 240617-wlgz6aybnc
MD5: 9566602deaee120241649c7a16819e4e
SHA1: 3f8b407371df1ab2b675aa4366553279edc9b5af
SHA256: ccc547cd841c5f6441497e1d3732775749992b2b0900593fd642c45b7109a631
SHA512: 97a9d41fa21a8c99bdc609e83234096420eae391d92dd576549fb074076713255b800755ce10aac63dee368d8504940f4e1a16001e43f664bd26017695cbbd65
SSDEEP: 393216:+gvIQbPObcgXI7suk4Ch8zIX06uCJFsbZIO4fEjmDJ:TQmwfB4G8N6uaXEjmDJ
Behavioral tasks
behavioral1: Sample Growpai_4.59_6132024 (1).zip, Resource win7-20240508-en
behavioral2: Sample Growpai_4.59_6132024 (1).zip, Resource win10v2004-20240508-en
behavioral3: Sample Growpai.dll, Resource win7-20240221-en
behavioral4: Sample Growpai.dll, Resource win10v2004-20240508-en
behavioral5: Sample Inzector_protected.exe, Resource win7-20240611-en
behavioral6: Sample Inzector_protected.exe, Resource win10v2004-20240226-en
behavioral7: Sample loader.exe, Resource win7-20240611-en
behavioral8: Sample loader.exe, Resource win10v2004-20240611-en
Malware Config
Targets

Target: Growpai_4.59_6132024 (1).zip
Size: 13.6MB
MD5: 9566602deaee120241649c7a16819e4e
SHA1: 3f8b407371df1ab2b675aa4366553279edc9b5af
SHA256: ccc547cd841c5f6441497e1d3732775749992b2b0900593fd642c45b7109a631
SHA512: 97a9d41fa21a8c99bdc609e83234096420eae391d92dd576549fb074076713255b800755ce10aac63dee368d8504940f4e1a16001e43f664bd26017695cbbd65
SSDEEP: 393216:+gvIQbPObcgXI7suk4Ch8zIX06uCJFsbZIO4fEjmDJ:TQmwfB4G8N6uaXEjmDJ
Score: 1/10

Target: Growpai.dll
Size: 5.1MB
MD5: b532a9987cca5bd6a28dca9df78c4306
SHA1: b72425f3b5dbe3f82f635ab9a922ef4c07a33695
SHA256: 488c688651b244afb390e80755ab4b8dac0be649e7ee005343f6440b058bc360
SHA512: 7de9a21c567ec9611f5c5a6e945434e96c29bd12fa742a15a6028ef9858100cf35c4579b8efaea51d0a275451b1fe3e735986293fcd35e591c320b1693ea84f4
SSDEEP: 98304:8jYvd6apdyjLSoFw0mEuKvdg4BaE8KHebKuTp3QIM9dZtncxSrJ1Cd:8s1tpdyjLiJKvdPBaEJeuuazdZhcxGDY
Signatures:
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry (BIOS information is often read in order to detect sandboxing environments.)
- Suspicious use of NtSetInformationThreadHideFromDebugger

Target: Inzector_protected.exe
Size: 8.6MB
MD5: e1feaf2ff147638b619f722952eeb275
SHA1: b6d213178211fa5b85e7592a22bd66ab359ad8c3
SHA256: c388047bd2432fb129eddaff43fda64d1f895a48a7c1445ebd7153041df17f89
SHA512: 03366dae3cf77b87e2f411bbf504b12306c81e384ba375bf9302f0bc62bb1ec7a63b38ac050ee150c0ef17b75267a99a85c2f5e23496257fbf70fc08e6485169
SSDEEP: 196608:eS6h3lCjSUNqPQ4BK4HkkeoZuiudtDpwCCwHbS/pSR640:en1CjKPQ4I4EkLZkdRVC8bShSR6f
Signatures:
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry (BIOS information is often read in order to detect sandboxing environments.)
- Suspicious use of NtSetInformationThreadHideFromDebugger

Target: loader.exe
Size: 14KB
MD5: 9e25530dde3c4d19216983ad1cc9e516
SHA1: 5b600acbee56cd300e0336e9586cbc60d25df573
SHA256: 66975a5814ee58e19ad967e2f96a86ac4dcd941a764c52e37db7a8e3cc0803fb
SHA512: c4e4889747b2c1d05411b80ac9ac6fa3b24f34318570e4fe2353208ce4a030686391b86389c4fe514bf687b9084edc15d0d3fbc0f253021e5e7f37a183810376
SSDEEP: 192:KGsy159/j/H3nCCBc21q5efqBF1EV0A5TV1McfJ0PaFFOIV9s3Q5tfBDSJGp:KGsy1597/H3CCBcNmqBF+VVlC3NJ0
Score: 1/10