General
Target: Etherium.zip
Size: 5.3MB
Sample: 241031-wwm9xszqbz
MD5: 4f765db3f56afa3507e90beb0d209ce0
SHA1: 5d02ec051894d5d9ad139faa3eea6234dc6659d9
SHA256: 2d19d2373d8fc5359fb7e36a7c5ae1cc451bc656ab6ae7513724eab510fbeab6
SHA512: eb37b048f84752cc243d55d5d98414199eb9bbb3ed8464c477be0be146a8cf0cd061b158957d80fed479c629fd63806d5822082e052ab33afd9f64fc3d8e95b8
SSDEEP: 98304:6wphT0AX4+355f/RqF5lkQuK0IQ5jEDQCGzVcQoFGCb4WRwfnI4UzQNFfGeDhDS3:1phT0o4+Dxg5lM5jqQvZteGbxU4FfGeU
Behavioral tasks
behavioral1: Sample Etherium.exe, Resource win7-20241010-en
behavioral2: Sample Etherium.exe, Resource win10v2004-20241007-en
behavioral3: Sample WebView2Loader.dll, Resource win7-20241010-en
behavioral4: Sample WebView2Loader.dll, Resource win10v2004-20241007-en
Malware Config

Targets

Target: Etherium.exe
Size: 5.3MB
MD5: 1785316adf2ac5b7cdb1fe99b6e64c2a
SHA1: bbcc537190d316bd7984c02bb202dcc32a80bf3c
SHA256: d59280c8aeaa1d336a18298b592a16dc661f026b3f8dd53d586fb86ce6578c1b
SHA512: 20ef7897ca3b7f4a5972943123e05c318551ce61bf557473d535e32097435a0554888b9cd03ad6bb137697b0635a6435daa7be9bfdbc2350c74f6053a4ddb59d
SSDEEP: 98304:xpf4AjdmVusfh1lkBwdzdsauXNe0y9ExVSBMQT8i79tOX11XStYsZL6HHrLP:ztjdmusHCxaudetAVL5iJtOF1XTsmPP
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry. BIOS information is often read in order to detect sandboxing environments.
- Drops desktop.ini file(s)
- Suspicious use of NtSetInformationThreadHideFromDebugger

Target: WebView2Loader.dll
Size: 133KB
MD5: 2e3f0bf9337083a32aaa5dc68dd1c3bf
SHA1: 72e669417245b7b6918cbd379a7ce9675bf445ea
SHA256: fdf978ba706578b05967d7f0181f462147864a5aa74f36016a62cb3d3dbe6909
SHA512: 3b06ab9ccd07b95d2a5e1a4fd673978d24146692a07dbdc5fff19c15e140d7304c065c35be7fa08850c7d4586effec6586f87515e3f3c074b7a5b9796a58631b
SSDEEP: 3072:kPzSYWDiiK+shdkt7E86qWBgbFCAg3esIDKEtn2C85N1d3j:FDicWdCD65BWFCEt0pj
Score: 1/10