General
-
Target
44e08a70c8c83f86a30c323f9c576f87e58ba830cf1598d2a9e93a3df5bad5a0.exe
-
Size
2.7MB
-
Sample
241104-crgf2a1ckf
-
MD5
665462e32d3eb39fcddbaa278d28c051
-
SHA1
1470ce95c61356328d2ea9a2b6579a565e197211
-
SHA256
44e08a70c8c83f86a30c323f9c576f87e58ba830cf1598d2a9e93a3df5bad5a0
-
SHA512
b8bcce3897dd0c98b47de3d5c173939e61581de84a4dd524fc69954976be1af4d9b668c567921eb242e70541c40e4738a140cb2625e15a033357fbb7eebc71a5
-
SSDEEP
49152:4IoEigSJStOS9NYVDyEi5QXNWTjulOMk:4IoEigSJS4g8yZO
Static task
static1
Behavioral task
behavioral1
Sample
44e08a70c8c83f86a30c323f9c576f87e58ba830cf1598d2a9e93a3df5bad5a0.exe
Resource
win7-20240729-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses 2
Disable or Modify Tools 2
Modify Registry 2
Virtualization/Sandbox Evasion 2