General
Target: 160219433f3f191e8be48a33775c0c5bfbb731bc87fb5ab7cd0bca3d20801d31.exe
Size: 1.7MB
Sample: 241117-js2xpatrf1
MD5: d2c651579adda1ad75763d77f722112f
SHA1: d9c10344a0b3566809d78e7fa12e132dc7d9801a
SHA256: 160219433f3f191e8be48a33775c0c5bfbb731bc87fb5ab7cd0bca3d20801d31
SHA512: 87fb6dc5dc5d1eda087d8bfb01046b85674743e479a7c08899a12715966e187801675e5084ac9706a7e47b8ae43894af4d368d68d03f12c3905537d609b02ad5
SSDEEP: 49152:aSr2gLADwKcd5bd89abKTRGO5MPt/kNEu7CIn+tRO:dLADWbqabKTsO5MhWP+tc
Static task: static1
Behavioral task: behavioral1
Sample: 160219433f3f191e8be48a33775c0c5bfbb731bc87fb5ab7cd0bca3d20801d31.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: 160219433f3f191e8be48a33775c0c5bfbb731bc87fb5ab7cd0bca3d20801d31.exe
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger
  Setting ThreadHideFromDebugger stops the calling thread from reporting debug events to an attached debugger, a common anti-debugging technique.