General
-
Target
5ee74cad243bc459b9068894fa0fc05d40cc8466322315f0132c8275a78112f9
-
Size
2.6MB
-
Sample
241104-rnsr8atmfj
-
MD5
6354373133352ba01002bf37447a6c5d
-
SHA1
cd4133e43fee19def2e0a31aa40f600b95c9dbbe
-
SHA256
5ee74cad243bc459b9068894fa0fc05d40cc8466322315f0132c8275a78112f9
-
SHA512
f7cf81c16ce5ceff2f6cd946896780c7f1f0e5ca78356c52d36e5079e62acb3e0d5970e32033029faac41fca73438e5a9c2d09264f9aa57dcacf4c1a483a3244
-
SSDEEP
24576:DrNfEyEa9w2DGLy9fNhR71ckpZzUbJbl/LI5Gbn2CL0LyoZtLzwmiiE+iv+9j6F:DrNfEyEObSW9f/DB2JdLnbnaHtwV+iF
Static task
static1
Behavioral task
behavioral1
Sample
5ee74cad243bc459b9068894fa0fc05d40cc8466322315f0132c8275a78112f9.exe
Resource
win7-20241010-en
Malware Config
Targets
-
-
Target
5ee74cad243bc459b9068894fa0fc05d40cc8466322315f0132c8275a78112f9
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses 2
Disable or Modify Tools 2
Modify Registry 2
Virtualization/Sandbox Evasion 2