General
-
Target
59191267a40343711fb9d69070487027f78f43cf5ffb9b4f53129f5a62501b08.exe
-
Size
2.7MB
-
Sample
241104-cts8ls1cqd
-
MD5
02da8861168b51f837964577ae71b38f
-
SHA1
1eb64566a6945cafd547f66229c92d44144cba7b
-
SHA256
59191267a40343711fb9d69070487027f78f43cf5ffb9b4f53129f5a62501b08
-
SHA512
5f732ef643bf8996a6cd74f1e6c2811d85158370131d043ee077690ba4fb281826b997834576f3532f4b71713cb950e536c6ce04c7b6d70bb6d11c0e1b664926
-
SSDEEP
24576:nS5FoxT0xsTKBRrrpZqXGJnAk4J8+7ANwMWLzIh7SqTdlve42HOLLL5podKrLqte:o5frr2G/Qn2YA1v8a5aGWH0g983
Static task
static1
Behavioral task
behavioral1
Sample
59191267a40343711fb9d69070487027f78f43cf5ffb9b4f53129f5a62501b08.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses 2
Disable or Modify Tools 2
Modify Registry 2
Virtualization/Sandbox Evasion 2