General
Target: file.exe
Size: 1.7MB
Sample: 241110-b6zeqawhln
MD5: 284f5ef61fc9e1cf13f7dac0605da9ae
SHA1: 9296e6be45036579a8b22a0cfa390177ed14b89e
SHA256: 4f1410b75e73186bf8c09c84f48e84458ee1c151e7f254263ba13df3fc2beaf9
SHA512: 6ba28cd689acdcbaaa99bc60e077857072613d45419966dfb8580aa9b4fcde4c8233d6fe527016eb9a1b88ba1b97634192fa2f1937d0319c2d940c8bde0ca56b
SSDEEP: 49152:7mGbxotoDdxJInRWna2aS4VuRRGKCEz1v2jQUXsM:7m4lDdXIRWa2aiRP1v2jL8
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20240903-en
Malware Config
Targets
-
-
Target
file.exe
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-