General
Target: 089a775c383cc2da60834c240ea0f53032315a1e413d65d73742bc02c64e2567
Size: 3.4MB
Sample: 240908-z16tlsvhjr
MD5: a3d3ef19fa5b15ef911d307df0940cb4
SHA1: bb91264558fdf2514ab95cd46c72f9c6a7734eda
SHA256: 089a775c383cc2da60834c240ea0f53032315a1e413d65d73742bc02c64e2567
SHA512: fa80930cc261e74ba49587f02e8eccb8ab0d96ff929cf7fc6179ec1061e75f123453efb139779eb1de4e602d6d56ab8c55cc86c9abdd7a12458fb0cb011516f8
SSDEEP: 49152:j9AMz2iLnTonKdp0QcO365J3yupsO98/Kxtu/lfzn69HtoB+GcNo/Z2HlOAY8W:j9qiInoO/J3NsSYKgz6n4+NmgHlJ
Static task: static1
Behavioral task: behavioral1
Sample: 089a775c383cc2da60834c240ea0f53032315a1e413d65d73742bc02c64e2567.exe
Resource: win7-20240903-en
Malware Config
Targets
Target
089a775c383cc2da60834c240ea0f53032315a1e413d65d73742bc02c64e2567
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-