General
-
Target
6970deaf5a791b972a83f8cd75d0795c1177cdcfb9bd15eff809fe0a1fcba13c
-
Size
2.3MB
-
Sample
240621-2whx4atfph
-
MD5
e14cf433296b4082c590b54e63e786e3
-
SHA1
69842f5211b3077a5c6c5acb18ce31a9d69ba716
-
SHA256
6970deaf5a791b972a83f8cd75d0795c1177cdcfb9bd15eff809fe0a1fcba13c
-
SHA512
28711c949a9d3672c873b16292ed3c8dbc74ddc142828dd6cf759523b5758bb28e9e370a4ed43425793467d7ba469192d520b15cd82f321cf322fb00962ca6c0
-
SSDEEP
49152:GkoXvaZUO2q9DX9FoxrnheoBHccXhg39RPXRTwksty8Pq5OSY7Gj:HsvQ2q9DXMrn55kyk8
Static task
static1
Behavioral task
behavioral1
Sample
6970deaf5a791b972a83f8cd75d0795c1177cdcfb9bd15eff809fe0a1fcba13c.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
risepro
77.91.77.66:58709
Targets
-
-
Target
6970deaf5a791b972a83f8cd75d0795c1177cdcfb9bd15eff809fe0a1fcba13c
-
Size
2.3MB
-
MD5
e14cf433296b4082c590b54e63e786e3
-
SHA1
69842f5211b3077a5c6c5acb18ce31a9d69ba716
-
SHA256
6970deaf5a791b972a83f8cd75d0795c1177cdcfb9bd15eff809fe0a1fcba13c
-
SHA512
28711c949a9d3672c873b16292ed3c8dbc74ddc142828dd6cf759523b5758bb28e9e370a4ed43425793467d7ba469192d520b15cd82f321cf322fb00962ca6c0
-
SSDEEP
49152:GkoXvaZUO2q9DX9FoxrnheoBHccXhg39RPXRTwksty8Pq5OSY7Gj:HsvQ2q9DXMrn55kyk8
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-