General
Target: eca345932d6d86344eeff06cb9b3d60131d23f48f59a5dd73fec57734bba3e01.exe
Size: 2.7MB
Sample: 241110-dq1nysxqbv
MD5: 8f83afca9c2c5f691e0d72198fc243eb
SHA1: fb78a4d64c193fdf5a8da774bc217b0d53f4e567
SHA256: eca345932d6d86344eeff06cb9b3d60131d23f48f59a5dd73fec57734bba3e01
SHA512: 15c690eedd848bf377b0c2a2dddaea5f90e1fae50ab20ed4d2fd61c7d57d1b070df5f1d5b6258f89aabbda2fd0661e2861bff273474c9aa4fa68fcc08a7203bc
SSDEEP: 49152:9ST4Kv7H3eL7/stydMJ3Qt7mVPhvhmd+/UA6y0Phj:9STFv7Xef/DSXXhmZA6y0J
Static task: static1
Behavioral task: behavioral1
Sample: eca345932d6d86344eeff06cb9b3d60131d23f48f59a5dd73fec57734bba3e01.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: eca345932d6d86344eeff06cb9b3d60131d23f48f59a5dd73fec57734bba3e01.exe
Size: 2.7MB
MD5: 8f83afca9c2c5f691e0d72198fc243eb
SHA1: fb78a4d64c193fdf5a8da774bc217b0d53f4e567
SHA256: eca345932d6d86344eeff06cb9b3d60131d23f48f59a5dd73fec57734bba3e01
SHA512: 15c690eedd848bf377b0c2a2dddaea5f90e1fae50ab20ed4d2fd61c7d57d1b070df5f1d5b6258f89aabbda2fd0661e2861bff273474c9aa4fa68fcc08a7203bc
SSDEEP: 49152:9ST4Kv7H3eL7/stydMJ3Qt7mVPhvhmd+/UA6y0Phj:9STFv7Xef/DSXXhmZA6y0J
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry. BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys. Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses
Disable or Modify Tools (2)
Modify Registry (2)
Virtualization/Sandbox Evasion (2)