General

Target: dcb1c01555ff4e4abebfb41e0ab88f80f160ccdfad90dba7cf006155b2d928e6.exe
Size: 2.6MB
Sample: 241104-dh9a5asdrq
MD5: 4db45d24e7ad846eef8066cf15cfe490
SHA1: 09c3a76063a3a0e4e8ff5098aa1d9527dfaba395
SHA256: dcb1c01555ff4e4abebfb41e0ab88f80f160ccdfad90dba7cf006155b2d928e6
SHA512: afb2b9e7d9c52c1a5d9d97af4dfaa65d3a3c2e82b9f55e503ed4295bdae31755fd402cfae9bbfbb99c76a605b12cc5b8def2e0f695a7a97b9053b4afff19e3a3
SSDEEP: 49152:kW3LpPeGOksfdM+5mScBR3r7e9BK6Grn0:P3LpPeGOksu+5VcBR3rbdr
Static task: static1
Behavioral task: behavioral1
Sample: dcb1c01555ff4e4abebfb41e0ab88f80f160ccdfad90dba7cf006155b2d928e6.exe
Resource: win7-20240708-en
Malware Config
Targets

Target: dcb1c01555ff4e4abebfb41e0ab88f80f160ccdfad90dba7cf006155b2d928e6.exe (2.6MB)
Hashes: identical to those listed under General above (MD5, SHA1, SHA256, SHA512, SSDEEP).
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry. BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys. Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger
MITRE ATT&CK Enterprise v15

Defense Evasion
- Impair Defenses (2)
- Disable or Modify Tools (2)
- Modify Registry (2)
- Virtualization/Sandbox Evasion (2)