General
Target: 59d49f942c7408e16c52e3c26953468b049cd76d8d62f1d814625e6bc3792ef3
Size: 2.7MB
Sample: 241117-jksdaayqcm
MD5: 97867b90c67abcb58f21e80f007287a0
SHA1: 257376a97e66a375262a54a936904bb23c5d2363
SHA256: 59d49f942c7408e16c52e3c26953468b049cd76d8d62f1d814625e6bc3792ef3
SHA512: fc72eea7675695a7fe4f6252be2b1f4bdc448d15c7735239c4e2bfcb598d3f90f2738fb8e898fbbb5420da81f227ff235e32218e5c22499f4015db8d676cf73c
SSDEEP: 49152:f91kvaAB7AUywjWpQ9BVzaIne57iNRa84to0e8eI+cdp:rkvaAB7AUywaSBVzaIne52NRa84to0eW
Static task: static1
Behavioral task: behavioral1
Sample: 59d49f942c7408e16c52e3c26953468b049cd76d8d62f1d814625e6bc3792ef3.exe
Resource: win7-20240729-en
Malware Config
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger
MITRE ATT&CK Enterprise v15
Defense Evasion
- Impair Defenses: Disable or Modify Tools
- Modify Registry
- Virtualization/Sandbox Evasion