General
-
Target
8a3906d7db5ac35cb2787e839aef5b2968c5d35536b79e4602e4906f5718f4f7.exe
-
Size
2.6MB
-
Sample
241113-wannkawjct
-
MD5
2133999491547ae0570d0c25d9dcc6fd
-
SHA1
18d77612dd52c447af8d3253d1c7bf8a65f1778f
-
SHA256
8a3906d7db5ac35cb2787e839aef5b2968c5d35536b79e4602e4906f5718f4f7
-
SHA512
0e67f5015a119afd0939fe23c52d44e155bd523d5bffef5fc4915b71d170376c1645422358050131daaa4c45ff98dbec5d9ae8b45c5cf0195ef1597de1c4caee
-
SSDEEP
24576:w2ehjF+ftJeTCh/BsQ0TbsDav8vkSfKyIQwYvhRSmJUsnyI4QWXJTzFMtOfkpJKA:a+1JeTMuTbT9SsJPGZJKyLwHKI6N
Static task
static1
Behavioral task
behavioral1
Sample
8a3906d7db5ac35cb2787e839aef5b2968c5d35536b79e4602e4906f5718f4f7.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
8a3906d7db5ac35cb2787e839aef5b2968c5d35536b79e4602e4906f5718f4f7.exe
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses (2)
Disable or Modify Tools (2)
Modify Registry (2)
Virtualization/Sandbox Evasion (2)