General
Target: 67b2207a695a75b4a060bdaa06e120720eb8a1b4680f17d88a99b074953b7118.exe
Size: 2.7MB
Sample: 241113-vs5t5awdkd
MD5: 606f920261654db91a5cf0db2b346cc2
SHA1: 866d10dbf2b283cbb5f9a4e6c64ee6db1dbb05e9
SHA256: 67b2207a695a75b4a060bdaa06e120720eb8a1b4680f17d88a99b074953b7118
SHA512: bd97120117ddb33fce2cc6e091752a94e1215f9178d9b5e814147972a49e8709c5155897dcb8b4e8f4c7543526d39c37b4b7a5ccd1d255ded32d3c618a8e2bfa
SSDEEP: 49152:uV7ebkNeZgo5ZylN0O/GeMjQMFmJVpp6lvZLb:uV7ebkmggZylN01XM5Yz
Static task: static1
Behavioral task: behavioral1
Sample: 67b2207a695a75b4a060bdaa06e120720eb8a1b4680f17d88a99b074953b7118.exe
Resource: win7-20240903-en
Targets
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
-
Impair Defenses (2)
-
Disable or Modify Tools (2)
-
Modify Registry (2)
-
Virtualization/Sandbox Evasion (2)