General
Target: 9b390e9a49125f3573909e7216e5f5f890c7632fccc55626781184209258b7ee
Size: 2.3MB
Sample: 240622-p4cptssgpj
MD5: a4530430db039421a4bb5e097bdfc4c7
SHA1: 77f182be186f9b8169d59416980854ce12f135ee
SHA256: 9b390e9a49125f3573909e7216e5f5f890c7632fccc55626781184209258b7ee
SHA512: 2214d8bae005ea3e57163de3e11bae476997f3d6de912d5c7a642e985d5d9ad574c187fd8f1ff52e1bf875299c8c0510c4c6f323cf537a2f87ccc6490f206fad
SSDEEP: 49152:+bjs8XaYfR2OPWtUcJLDMuTJygh74Xlc4w1glv2MMaMatSVC5K162:+bj7XaYLP9cJLDMac+cVc2d2q0VEK16
Static task: static1
Behavioral task: behavioral1
Sample: 9b390e9a49125f3573909e7216e5f5f890c7632fccc55626781184209258b7ee.exe
Resource: win10v2004-20240611-en

Malware Config
Extracted: risepro
C2: 77.91.77.66:58709
Targets
Target: 9b390e9a49125f3573909e7216e5f5f890c7632fccc55626781184209258b7ee
Size: 2.3MB
MD5: a4530430db039421a4bb5e097bdfc4c7
SHA1: 77f182be186f9b8169d59416980854ce12f135ee
SHA256: 9b390e9a49125f3573909e7216e5f5f890c7632fccc55626781184209258b7ee
SHA512: 2214d8bae005ea3e57163de3e11bae476997f3d6de912d5c7a642e985d5d9ad574c187fd8f1ff52e1bf875299c8c0510c4c6f323cf537a2f87ccc6490f206fad
SSDEEP: 49152:+bjs8XaYfR2OPWtUcJLDMuTJygh74Xlc4w1glv2MMaMatSVC5K162:+bj7XaYLP9cJLDMac+cVc2d2q0VEK16
Signatures
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger