General
- Target: 8c02cc9d5b7c298222211f0f5b7c7fb25b0e8b20b81c082064133b885641f11d
- Size: 2.8MB
- Sample: 240923-x4vjmsydln
- MD5: c13f885a7d8d80f7e2ab6b635b6c7488
- SHA1: bc797c91e35bf53107a275138ac19ad36547eadb
- SHA256: 8c02cc9d5b7c298222211f0f5b7c7fb25b0e8b20b81c082064133b885641f11d
- SHA512: 01685aa7201acdbd07a987c6c44e9b8a3b2779552bec1fb24ae6790e1610f916629c5a846de58e9fbaa9f774c9cf070efbeba69f85b31d80a5df123a5f351808
- SSDEEP: 49152:bnxCMZwRLeNaNhfI4dek+w7K/fGTWnImJ:bncMSleNaNhQ4d3XcGTWImJ
Static task: static1
Behavioral task: behavioral1
Sample: 8c02cc9d5b7c298222211f0f5b7c7fb25b0e8b20b81c082064133b885641f11d.exe
Resource: win7-20240729-en
Malware Config
Extracted
- stealc
- rave
- http://185.215.113.103
- url_path: /e2b1563c6670f193.php
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger