General
Target: 8eb399f775d3db740a67a3098c38eba7da3e282c8e4d9dc84590e7784c564850
Size: 2.7MB
Sample: 241117-j181zazkdq
MD5: 2ffe7c4fe26d0674b29fe5e66f445284
SHA1: e673d6b3f5222ba39508a3bbe2623dfb021de71c
SHA256: 8eb399f775d3db740a67a3098c38eba7da3e282c8e4d9dc84590e7784c564850
SHA512: 5dde69d4c63de859c5420f062cde7ed5a2cd533012c00893b96402d71bf6fb626c0e232d6d8d4dedfefaf85ef998b82be5533a9788cfa33a072e1a7ebc034af5
SSDEEP: 49152:nm/71Ud4T1TR4wUIdj10Fj7/qDNRWdCshC:m/71Ud4ZTR2IR10FjGDNAs6
Static task: static1
Behavioral task: behavioral1
Sample: 8eb399f775d3db740a67a3098c38eba7da3e282c8e4d9dc84590e7784c564850.exe
Resource: win7-20241010-en
Malware Config
Targets
Target: 8eb399f775d3db740a67a3098c38eba7da3e282c8e4d9dc84590e7784c564850
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses (2)
Disable or Modify Tools (2)
Modify Registry (2)
Virtualization/Sandbox Evasion (2)