General
-
Target
6fb03fa828916bd6b9f040cb2d3205a56686610605402a312ff0b218e24196f8
-
Size
2.4MB
-
Sample
240621-kyk2ssxfnk
-
MD5
e55ba3417e31b0254591fc4468d4583a
-
SHA1
b325e252565c593202bd66185cead5e38e66c491
-
SHA256
6fb03fa828916bd6b9f040cb2d3205a56686610605402a312ff0b218e24196f8
-
SHA512
e4533dce449a3fe2e931a4548be0a39cd93fbea18088603544aecab10085958195a57a7f9e4aaaa78217e357bd7827779b46d4bae5363100555eddf94d4de611
-
SSDEEP
49152:GMhBPnOH89qVTE42P18HW+dQ+E/d/1tk2rghAiZ:nbgi49vdfE/3a2rghAiZ
Static task
static1
Behavioral task
behavioral1
Sample
6fb03fa828916bd6b9f040cb2d3205a56686610605402a312ff0b218e24196f8.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
risepro
77.91.77.66:58709
Targets
Target
6fb03fa828916bd6b9f040cb2d3205a56686610605402a312ff0b218e24196f8
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger