General
-
Target
13b53797e8ae8969a0fe2fa57463fae3727af51fe094904b0bd5c4ba22bfd262.exe
-
Size
2.7MB
-
Sample
241104-ch8h6atkbl
-
MD5
55d089adcef6d02f188a67f09a078f97
-
SHA1
c61e9e0c50ae4977a937760c9e3ed19e8cab6863
-
SHA256
13b53797e8ae8969a0fe2fa57463fae3727af51fe094904b0bd5c4ba22bfd262
-
SHA512
7019795ea4693d7ce222618c980624b515efcdf9e0e2203df30156ca248cbe99f1f1637a747a40e27847a598119e0a38c4bd78db488fb0b19d3cb20da2b7f0b2
-
SSDEEP
49152:l2Z9h/czBnu53qlDni1iijuxjiwranT5mvvCKxMGF0GlFyzzS3b:l2Z9Rc9nu53qlDi0ij5mNxL7FyX
Static task
static1
Behavioral task
behavioral1
Sample
13b53797e8ae8969a0fe2fa57463fae3727af51fe094904b0bd5c4ba22bfd262.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Target
13b53797e8ae8969a0fe2fa57463fae3727af51fe094904b0bd5c4ba22bfd262.exe
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses
2
Disable or Modify Tools
2
Modify Registry
2
Virtualization/Sandbox Evasion
2