General
Target: paint.exe
Size: 4.3MB
Sample: 241031-wpkkfstlbr
MD5: 91f58c76697f964e359844b460980bff
SHA1: d943bbf58b25f3bd49393044ba02b8a0bd9c5cd5
SHA256: 335182fb927d6ce2bbe800b35997d7e0e6010ce388434c65355c11353b0116f2
SHA512: 1af656c10d97d652eccfd01c1d84fccf02e6a59219b7f611987f5241d53e98ed5f44d785609491075f992273ed0359cd56fe1101da3b5596bdb9ceb3d1bc9868
SSDEEP: 98304:OfWMn/85jV8kbave4qaI6d3WonyEQ+us76D+iLdkCWdFv:yYkeeI6d3Wy57mLnCFv
Behavioral task: behavioral1
Sample: paint.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: paint.exe

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.