General
Target: a2c4792c72354a4d9ba484fd68dce51182e71eab8d7f479af4d7c76391342025.exe
Size: 2.6MB
Sample: 241113-wk7jeszmdn
MD5: 1aa115cc0d1b0c21ae6e41cf8753d949
SHA1: 0e4889820edcc1aa6de2141a129d964db4308a8c
SHA256: a2c4792c72354a4d9ba484fd68dce51182e71eab8d7f479af4d7c76391342025
SHA512: efff64995a9256f4720b47bf04672fc4fe581f40909f29648ccadb52235124945cbcc7355c1e3ead4279e3b41da828b4f1bc7d697e0d746087e1ef97b4240c13
SSDEEP: 49152:nH3d6woElfeifmBROgBHY8IybAQXqg13b1WZsBmUiI49oa:Xd6TE0smBR7BHY8IyMQZ5l4oa
Static task: static1
Behavioral task: behavioral1
Sample: a2c4792c72354a4d9ba484fd68dce51182e71eab8d7f479af4d7c76391342025.exe
Resource (analysis VM image): win7-20240708-en
Malware Config
Targets
Target: a2c4792c72354a4d9ba484fd68dce51182e71eab8d7f479af4d7c76391342025.exe (hashes as listed under General)
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
VirtualBox guests publish ACPI tables under HKLM\HARDWARE\ACPI whose OEM identifier is VBOX__; reading those keys is a common way to detect that the host is a VirtualBox VM.
- Checks BIOS information in registry
BIOS information (SystemBiosVersion, VideoBiosVersion and similar values under HKLM\HARDWARE\DESCRIPTION\System) is often read in order to detect sandboxing environments, since virtual machines report vendor strings such as VBOX or VMware there.
- Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment; it is recognisable by the Software\Wine registry key it creates.
- Suspicious use of NtSetInformationThreadHideFromDebugger
Calling NtSetInformationThread with the ThreadHideFromDebugger information class (0x11) tells the kernel to stop delivering that thread's debug events to an attached debugger, so breakpoints and single-steps placed in it silently fail. Legitimate software rarely needs this, which is why it is flagged as an anti-debugging technique.
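The four signatures above all fire on registry or native-API activity in the behavioural trace. As an added example (not part of the sandbox report and not the sandbox's own signature engine), the Python below runs matching rules for those four signatures over a constructed API trace and maps the hits to ATT&CK technique IDs. The exact registry paths (HKLM\HARDWARE\ACPI\*\VBOX__, HKLM\HARDWARE\DESCRIPTION\System\*BiosVersion, Software\Wine) are the usual locations such checks read and are an assumption, since the report names the signatures but not the keys; the ATT&CK mapping to T1497 and T1622 is likewise my own and differs from the report's table.

```python
import re

# Constructed sandbox-style API trace in the shape "<API> <arguments>".
# These lines are made up for the example; the report does not publish the
# sample's actual trace, only the signature names that fired.
SAMPLE_EVENTS = [
    r"RegOpenKeyExW HKLM\HARDWARE\ACPI\DSDT\VBOX__",
    r"RegQueryValueExW HKLM\HARDWARE\DESCRIPTION\System\SystemBiosVersion",
    r"RegQueryValueExW HKLM\HARDWARE\DESCRIPTION\System\VideoBiosVersion",
    r"RegOpenKeyExW HKCU\Software\Wine",
    r"NtSetInformationThread ThreadHandle=0xfffffffe ThreadInformationClass=0x11",
    r"RegOpenKeyExW HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
]

# Signature name -> pattern. Key paths are the usual locations such checks
# read (Pafish-style); the report names the signatures but not the exact keys,
# so the paths are an assumption.
SIGNATURES = [
    ("Identifies VirtualBox via ACPI registry values",
     re.compile(r"HARDWARE\\ACPI\\(DSDT|FADT|RSDT)\\VBOX__", re.IGNORECASE)),
    ("Checks BIOS information in registry",
     re.compile(r"HARDWARE\\DESCRIPTION\\System\\(SystemBiosVersion|VideoBiosVersion|SystemBiosDate)",
                re.IGNORECASE)),
    ("Identifies Wine through registry keys",
     re.compile(r"\\Software\\Wine(\\|$)", re.IGNORECASE)),
    ("Suspicious use of NtSetInformationThreadHideFromDebugger",
     # ThreadHideFromDebugger is THREADINFOCLASS 0x11 (decimal 17).
     re.compile(r"^NtSetInformationThread\b.*\bThreadInformationClass=0x11\b")),
]

# Signature -> ATT&CK technique. Illustrative mapping of my own (T1497
# Virtualization/Sandbox Evasion, T1622 Debugger Evasion); the report's own
# table groups these under Defense Evasion differently.
TECHNIQUE_MAP = {
    "Identifies VirtualBox via ACPI registry values": "T1497",
    "Checks BIOS information in registry": "T1497",
    "Identifies Wine through registry keys": "T1497",
    "Suspicious use of NtSetInformationThreadHideFromDebugger": "T1622",
}


def classify(events):
    """Return {signature name: [matching trace lines]} for every signature."""
    hits = {name: [] for name, _ in SIGNATURES}
    for line in events:
        for name, pattern in SIGNATURES:
            if pattern.search(line):
                hits[name].append(line)
    return hits


def fired(events):
    """Names of signatures with at least one hit, in definition order."""
    return [name for name, lines in classify(events).items() if lines]


def techniques(events):
    """Sorted, de-duplicated ATT&CK technique IDs implied by the fired signatures."""
    return sorted({TECHNIQUE_MAP[name] for name in fired(events)})


if __name__ == "__main__":
    for name, lines in classify(SAMPLE_EVENTS).items():
        print(f"{name}: {len(lines)} hit(s)")
    print("techniques:", ", ".join(techniques(SAMPLE_EVENTS)))
```

Two details worth keeping when adapting this to real traces: the Run-key line is deliberately included so the rules are seen not to fire on ordinary registry access, and the NtSetInformationThread rule anchors on the exact class value with word boundaries so that an unrelated class such as 0x110 is not mistaken for ThreadHideFromDebugger.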
-
MITRE ATT&CK Enterprise v15
Defense Evasion
- Impair Defenses: Disable or Modify Tools (T1562.001): 2
- Modify Registry (T1112): 2
- Virtualization/Sandbox Evasion (T1497): 2