General
Target: 1b7835777de07b233ff45cc89886d21de243bd94c8085ca5dedb30cf7c374747.exe
Size: 2.7MB
Sample: 241104-ckezma1apd
MD5: 1dbbe2151e7215e8d5e4468a814b1af0
SHA1: ed0a01cdccfea20219cc0338da8c21a7c40385d9
SHA256: 1b7835777de07b233ff45cc89886d21de243bd94c8085ca5dedb30cf7c374747
SHA512: 1c524b750e3c7349de3ced70f2c2e76e1655ae7cfe6ab6816368c83403e4f6c6265baa54bae6b8f7346a92d05f9d1b520bb3d4ba7fd7224d5d14ca3e29c056ce
SSDEEP: 49152:+M7voSpagsNz3c67NbdX1FlhdIywmD0DSgKM:rQSpagsNz3c67NdX1FlhdIyw202gKM
Static task: static1
Behavioral task: behavioral1
Sample: 1b7835777de07b233ff45cc89886d21de243bd94c8085ca5dedb30cf7c374747.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: 1b7835777de07b233ff45cc89886d21de243bd94c8085ca5dedb30cf7c374747.exe
Size: 2.7MB
MD5: 1dbbe2151e7215e8d5e4468a814b1af0
SHA1: ed0a01cdccfea20219cc0338da8c21a7c40385d9
SHA256: 1b7835777de07b233ff45cc89886d21de243bd94c8085ca5dedb30cf7c374747
SHA512: 1c524b750e3c7349de3ced70f2c2e76e1655ae7cfe6ab6816368c83403e4f6c6265baa54bae6b8f7346a92d05f9d1b520bb3d4ba7fd7224d5d14ca3e29c056ce
SSDEEP: 49152:+M7voSpagsNz3c67NbdX1FlhdIywmD0DSgKM:rQSpagsNz3c67NdX1FlhdIyw202gKM
Signatures
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
- Impair Defenses: 2
  - Disable or Modify Tools: 2
- Modify Registry: 2
- Virtualization/Sandbox Evasion: 2