General
-
Target
46a25aa38e536b2f7f2b950f00269d78ceaa2ae77e9ac3b99b1147628e18d76e.exe
-
Size
4.2MB
-
Sample
241109-za5tma1hmr
-
MD5
3513dcf913ca16de1e626827dd76f329
-
SHA1
0347bb1ba8ecd93267f7820d2649acaee9c60bc7
-
SHA256
46a25aa38e536b2f7f2b950f00269d78ceaa2ae77e9ac3b99b1147628e18d76e
-
SHA512
42310dcd61b5f32eaaf34434dca8f45a2ada0c2d9c293a87f222fc3aa3a289805c037508e278f0cbd8901ddd3d4b2a97259027fb0c3092ff653f60da14d43428
-
SSDEEP
98304:Iem+NfZ/yB042SIoHVqNBVZ+Ct5sc8ndU/aY9bE:IeL/yweVo/Vt5R8ndrQ
Static task
static1
Behavioral task
behavioral1
Sample
46a25aa38e536b2f7f2b950f00269d78ceaa2ae77e9ac3b99b1147628e18d76e.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
46a25aa38e536b2f7f2b950f00269d78ceaa2ae77e9ac3b99b1147628e18d76e.exe
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-