General
-
Target
d5f4060c453cf49b3760c72cd9eee858b0d9470b0274c5dd0de0a823b53adec7
-
Size
2.3MB
-
Sample
240622-jrd48s1gkb
-
MD5
de5504b650cf7f13e9d51e03ac2219d3
-
SHA1
76159be22a7db2828393bb80103968d489d03413
-
SHA256
d5f4060c453cf49b3760c72cd9eee858b0d9470b0274c5dd0de0a823b53adec7
-
SHA512
e4a8e112e07e768bd94fdbddc34b957cacda7f63e955fe83c6eafad73693694952505ae500199037e17e2b8ecca22ade1eb4383c3b0159125f6e68c49f907778
-
SSDEEP
49152:Ex3p3Q7b/NIbR2Kqda5ruwb1hJJ5rePg2+VvIl:U3p3Q7bFIOovL6Pg2+VvIl
Static task
static1
Behavioral task
behavioral1
Sample
d5f4060c453cf49b3760c72cd9eee858b0d9470b0274c5dd0de0a823b53adec7.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
risepro
77.91.77.66:58709
Targets
-
-
Target
d5f4060c453cf49b3760c72cd9eee858b0d9470b0274c5dd0de0a823b53adec7
-
Size
2.3MB
-
MD5
de5504b650cf7f13e9d51e03ac2219d3
-
SHA1
76159be22a7db2828393bb80103968d489d03413
-
SHA256
d5f4060c453cf49b3760c72cd9eee858b0d9470b0274c5dd0de0a823b53adec7
-
SHA512
e4a8e112e07e768bd94fdbddc34b957cacda7f63e955fe83c6eafad73693694952505ae500199037e17e2b8ecca22ade1eb4383c3b0159125f6e68c49f907778
-
SSDEEP
49152:Ex3p3Q7b/NIbR2Kqda5ruwb1hJJ5rePg2+VvIl:U3p3Q7bFIOovL6Pg2+VvIl
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-