General
-
Target
34339a869a1184d7d63e8463512763e3e87db5e77e4d689d35931fe5f5cc682e
-
Size
1.7MB
-
Sample
241117-jkrfzsvdra
-
MD5
e4ef575ad48baca7434d9cee74c87273
-
SHA1
00448087bb56f89fadb4fa830f04828b1474ddf6
-
SHA256
34339a869a1184d7d63e8463512763e3e87db5e77e4d689d35931fe5f5cc682e
-
SHA512
87d990da31a57abf4d32295ce11458b7dc13144b74461cf3b8c9ed833984cb7febbae6b12af6ae94f3a387889c3b94a76e907f31d3747b73a95f4018569a55bf
-
SSDEEP
49152:MHXzzMa46UQTzA8E0Tnky9l5+y0qQXK7Qjk0nnOA:Ol46U8Hjnky9f+ypQkED
Static task
static1
Behavioral task
behavioral1
Sample
34339a869a1184d7d63e8463512763e3e87db5e77e4d689d35931fe5f5cc682e.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
34339a869a1184d7d63e8463512763e3e87db5e77e4d689d35931fe5f5cc682e
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-