General
-
Target
43751bf696d4180c1f7389ab275532b540cfd0f41e8de7516d9eaefbaee4a571
-
Size
2.6MB
-
Sample
241031-xmgapa1jbs
-
MD5
b025278fdf1cbcf20158bb071cbc5d2a
-
SHA1
d5973cc90e7ca5f1fb6e42168d00870112aed7aa
-
SHA256
43751bf696d4180c1f7389ab275532b540cfd0f41e8de7516d9eaefbaee4a571
-
SHA512
4a6b4558333e8358bdb71a6b0ee3aea41d802de7753cca93a6458926418d175fb1365a5e2b0f4aeec4de32bf8d840e0cd9abd25b0bb43cf0e4aef3af70b3d512
-
SSDEEP
24576:CE2JDFp+4/uE3UlQizLk1m6Y0PQYC/V4liTSQCri9M6sLFL1VUyrEqYFuVS4Df88:/QD3+fESvgWdTv9YL1VrEhgS4Tyw6W
Static task
static1
Behavioral task
behavioral1
Sample
43751bf696d4180c1f7389ab275532b540cfd0f41e8de7516d9eaefbaee4a571.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
43751bf696d4180c1f7389ab275532b540cfd0f41e8de7516d9eaefbaee4a571
-
Size
2.6MB
-
MD5
b025278fdf1cbcf20158bb071cbc5d2a
-
SHA1
d5973cc90e7ca5f1fb6e42168d00870112aed7aa
-
SHA256
43751bf696d4180c1f7389ab275532b540cfd0f41e8de7516d9eaefbaee4a571
-
SHA512
4a6b4558333e8358bdb71a6b0ee3aea41d802de7753cca93a6458926418d175fb1365a5e2b0f4aeec4de32bf8d840e0cd9abd25b0bb43cf0e4aef3af70b3d512
-
SSDEEP
24576:CE2JDFp+4/uE3UlQizLk1m6Y0PQYC/V4liTSQCri9M6sLFL1VUyrEqYFuVS4Df88:/QD3+fESvgWdTv9YL1VrEhgS4Tyw6W
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses
2Disable or Modify Tools
2Modify Registry
2Virtualization/Sandbox Evasion
2