General
-
Target
31e250c067e640fc77f9aa27e95c8e2c7811239bc4e0743942099a53d2331538
-
Size
1.7MB
-
Sample
241117-js1pmavfke
-
MD5
e856531e19c346e547485cdd8e3fed71
-
SHA1
91af2510e4fb899e24dd7f16749c4f949c671c1d
-
SHA256
31e250c067e640fc77f9aa27e95c8e2c7811239bc4e0743942099a53d2331538
-
SHA512
3803ba9bb27efcb204a4da2d7e5bab7e163da8ee6a35ffb94145fa109a8b3f7f707ddb01d44b3bba7a41f8824b9188efa339e924163d027f3690113344b539d3
-
SSDEEP
24576:Mkn7zDHfrerpfhiRU52oS6jcSnncrp+6AoTOSDEntUvheZ4KmogMAVtvCGeXVj:d7f/i1PS86AgvDctUvMZ43aAOZV
Static task
static1
Behavioral task
behavioral1
Sample
31e250c067e640fc77f9aa27e95c8e2c7811239bc4e0743942099a53d2331538.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-