General
-
Target
d5c1749976539f8bc24fe0ebd9032a743688266dab0ef4f22ade7562759493bb
-
Size
1.7MB
-
Sample
241117-jf7meatpew
-
MD5
fa1582e782135fbb85839a45e3c30ad1
-
SHA1
1cb8b7cf5d5e31214b02c95c2c514bebb69bb9aa
-
SHA256
d5c1749976539f8bc24fe0ebd9032a743688266dab0ef4f22ade7562759493bb
-
SHA512
e31488999762cd41637d0f20912ed19db5ed307df31474cb75ea495f5db6f21afc95132df8eb55ed2c37bc0aece0bdc6019bf5e082d547e91ac302ccabc3dfe1
-
SSDEEP
49152:dKzAd6vBDajveno8Vu6b3PZj7wJEQzq4CVv+hJNcSc:dZd6Z2j2n7blz+oSc
Static task
static1
Behavioral task
behavioral1
Sample
d5c1749976539f8bc24fe0ebd9032a743688266dab0ef4f22ade7562759493bb.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry: 1
Subvert Trust Controls: 1
Install Root Certificate: 1
Virtualization/Sandbox Evasion: 2