General
Target: fbcb4960ac5ddf6188d73336ca73afe4e19002a62f769dc6db5f0bbc5c247a21
Size: 2.7MB
Sample: 240919-2qtseavhkp
MD5: 311cadfa955598d8bd771e69dd42ded6
SHA1: 52dd9710774381579051a0ffc79da11ac833fc2e
SHA256: fbcb4960ac5ddf6188d73336ca73afe4e19002a62f769dc6db5f0bbc5c247a21
SHA512: f9032144b11dc25853c5fe68432cdad4d82c7bb90ab2cc91014f533e3b9b09577d78abdd2440e8e4a951037d1ea9b25996adeab6dfa88d7473a5682b67176d93
SSDEEP: 49152:/VSfpUY7W9y+ike76tu9XyKnDjCoHKajq6FcT2d4H89rB:dSfpUcW9y+ike76QvdKU2I4H89rB
Static task: static1
Behavioral task: behavioral1
Sample: fbcb4960ac5ddf6188d73336ca73afe4e19002a62f769dc6db5f0bbc5c247a21.exe
Resource: win7-20240903-en
Malware Config
Extracted
stealc
rave
http://185.215.113.103
url_path: /e2b1563c6670f193.php
Targets
Target: fbcb4960ac5ddf6188d73336ca73afe4e19002a62f769dc6db5f0bbc5c247a21
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys: Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger