General
-
Target
17de308f93cd47e444334dd6d973faa2af66ca8f04a666a8b5eee07776f2b103.exe
-
Size
2.7MB
-
Sample
241117-js5ctavgmn
-
MD5
170e3bcb9f4aef122c82d135d0cb0918
-
SHA1
188957f675f1d3271b6a3e660968ddfe9ca90898
-
SHA256
17de308f93cd47e444334dd6d973faa2af66ca8f04a666a8b5eee07776f2b103
-
SHA512
57f37b0c2cc31d2c3bd9d1acafd934484fee789e53ecd151685ca11b070ed9909593726eb98a808a76a465cd251ef4906a84ec428b6177e26cd2fb45d88ce430
-
SSDEEP
49152:5IxIf8wtSUO9y15iq7LLicIsOYQdsZgb7QdbDuNCa:57f8wtSqbiqnOc18lbUZDkB
Static task
static1
Behavioral task
behavioral1
Sample
17de308f93cd47e444334dd6d973faa2af66ca8f04a666a8b5eee07776f2b103.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
17de308f93cd47e444334dd6d973faa2af66ca8f04a666a8b5eee07776f2b103.exe
-
Size
2.7MB
-
MD5
170e3bcb9f4aef122c82d135d0cb0918
-
SHA1
188957f675f1d3271b6a3e660968ddfe9ca90898
-
SHA256
17de308f93cd47e444334dd6d973faa2af66ca8f04a666a8b5eee07776f2b103
-
SHA512
57f37b0c2cc31d2c3bd9d1acafd934484fee789e53ecd151685ca11b070ed9909593726eb98a808a76a465cd251ef4906a84ec428b6177e26cd2fb45d88ce430
-
SSDEEP
49152:5IxIf8wtSUO9y15iq7LLicIsOYQdsZgb7QdbDuNCa:57f8wtSqbiqnOc18lbUZDkB
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses
2Disable or Modify Tools
2Modify Registry
2Virtualization/Sandbox Evasion
2