General
-
Target
38e830e8347e700cdddb4d739552863c339d93e830d0788175407458595c3576
-
Size
2.4MB
-
Sample
240621-nkkqna1glk
-
MD5
87ab5ed09d5fa42485cb8c11cbf708f1
-
SHA1
bddc4a4d445232eb01b286da022ccdd713bf82b4
-
SHA256
38e830e8347e700cdddb4d739552863c339d93e830d0788175407458595c3576
-
SHA512
1ba36784e487339fd201bcf87c613af21d8fb4c800d214613eeaa37b541542450c0bda8621edf1072906efc5506468bb8ca7cf2b241ebd57a3f43f1acfcecf34
-
SSDEEP
49152:8PnnMvqZmyEkba4tfwmjABR3+atYh+zHOWQXeQG4PWqeH3DgQCJV:8PMOmNkbaifwjBJ+KfzHOW4eQTWx3DtU
Static task
static1
Behavioral task
behavioral1
Sample
38e830e8347e700cdddb4d739552863c339d93e830d0788175407458595c3576.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
risepro
77.91.77.66:58709
Targets
-
-
Target
38e830e8347e700cdddb4d739552863c339d93e830d0788175407458595c3576
-
Size
2.4MB
-
MD5
87ab5ed09d5fa42485cb8c11cbf708f1
-
SHA1
bddc4a4d445232eb01b286da022ccdd713bf82b4
-
SHA256
38e830e8347e700cdddb4d739552863c339d93e830d0788175407458595c3576
-
SHA512
1ba36784e487339fd201bcf87c613af21d8fb4c800d214613eeaa37b541542450c0bda8621edf1072906efc5506468bb8ca7cf2b241ebd57a3f43f1acfcecf34
-
SSDEEP
49152:8PnnMvqZmyEkba4tfwmjABR3+atYh+zHOWQXeQG4PWqeH3DgQCJV:8PMOmNkbaifwjBJ+KfzHOW4eQTWx3DtU
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-