General

  • Target

    089a775c383cc2da60834c240ea0f53032315a1e413d65d73742bc02c64e2567

  • Size

    3.4MB

  • Sample

    240908-z16tlsvhjr

  • MD5

    a3d3ef19fa5b15ef911d307df0940cb4

  • SHA1

    bb91264558fdf2514ab95cd46c72f9c6a7734eda

  • SHA256

    089a775c383cc2da60834c240ea0f53032315a1e413d65d73742bc02c64e2567

  • SHA512

    fa80930cc261e74ba49587f02e8eccb8ab0d96ff929cf7fc6179ec1061e75f123453efb139779eb1de4e602d6d56ab8c55cc86c9abdd7a12458fb0cb011516f8

  • SSDEEP

    49152:j9AMz2iLnTonKdp0QcO365J3yupsO98/Kxtu/lfzn69HtoB+GcNo/Z2HlOAY8W:j9qiInoO/J3NsSYKgz6n4+NmgHlJ

Malware Config

Targets

    • Target

      089a775c383cc2da60834c240ea0f53032315a1e413d65d73742bc02c64e2567

    • Size

      3.4MB

    • MD5

      a3d3ef19fa5b15ef911d307df0940cb4

    • SHA1

      bb91264558fdf2514ab95cd46c72f9c6a7734eda

    • SHA256

      089a775c383cc2da60834c240ea0f53032315a1e413d65d73742bc02c64e2567

    • SHA512

      fa80930cc261e74ba49587f02e8eccb8ab0d96ff929cf7fc6179ec1061e75f123453efb139779eb1de4e602d6d56ab8c55cc86c9abdd7a12458fb0cb011516f8

    • SSDEEP

      49152:j9AMz2iLnTonKdp0QcO365J3yupsO98/Kxtu/lfzn69HtoB+GcNo/Z2HlOAY8W:j9qiInoO/J3NsSYKgz6n4+NmgHlJ

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks