General
-
Target
2f31fbed5c56e462b07267e34ceb1379eba62a4e62df361174ba36c4ebecc010.exe
-
Size
2.6MB
-
Sample
241104-cngydszmdv
-
MD5
1265e1fdc568827ea4d578014414622d
-
SHA1
587ed8b804e36c9c9230e3a9e1f184a4fb88d88f
-
SHA256
2f31fbed5c56e462b07267e34ceb1379eba62a4e62df361174ba36c4ebecc010
-
SHA512
689872ab683f6c9b9f0e8e2a44fbe45ebc9378dec36765e78c714fad41c18e071e75c15a5ef1945fe922c9ce5203e0ac7bf51bdbb809076b5e794526b6d2f947
-
SSDEEP
49152:teF3OtyhOBDwCAOut/IYTS+UH2vqMNYaL1OT9bSHgZ:tptyhOtwCA3/kvGL1bHA
Static task
static1
Behavioral task
behavioral1
Sample
2f31fbed5c56e462b07267e34ceb1379eba62a4e62df361174ba36c4ebecc010.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
2f31fbed5c56e462b07267e34ceb1379eba62a4e62df361174ba36c4ebecc010.exe
-
Size
2.6MB
-
MD5
1265e1fdc568827ea4d578014414622d
-
SHA1
587ed8b804e36c9c9230e3a9e1f184a4fb88d88f
-
SHA256
2f31fbed5c56e462b07267e34ceb1379eba62a4e62df361174ba36c4ebecc010
-
SHA512
689872ab683f6c9b9f0e8e2a44fbe45ebc9378dec36765e78c714fad41c18e071e75c15a5ef1945fe922c9ce5203e0ac7bf51bdbb809076b5e794526b6d2f947
-
SSDEEP
49152:teF3OtyhOBDwCAOut/IYTS+UH2vqMNYaL1OT9bSHgZ:tptyhOtwCA3/kvGL1bHA
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses
2Disable or Modify Tools
2Modify Registry
2Virtualization/Sandbox Evasion
2