General

  • Target

    31e250c067e640fc77f9aa27e95c8e2c7811239bc4e0743942099a53d2331538

  • Size

    1.7MB

  • Sample

    241117-js1pmavfke

  • MD5

    e856531e19c346e547485cdd8e3fed71

  • SHA1

    91af2510e4fb899e24dd7f16749c4f949c671c1d

  • SHA256

    31e250c067e640fc77f9aa27e95c8e2c7811239bc4e0743942099a53d2331538

  • SHA512

    3803ba9bb27efcb204a4da2d7e5bab7e163da8ee6a35ffb94145fa109a8b3f7f707ddb01d44b3bba7a41f8824b9188efa339e924163d027f3690113344b539d3

  • SSDEEP

    24576:Mkn7zDHfrerpfhiRU52oS6jcSnncrp+6AoTOSDEntUvheZ4KmogMAVtvCGeXVj:d7f/i1PS86AgvDctUvMZ43aAOZV

Score
9/10

Malware Config

Targets

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks