General
- Target: 157729dd7b080136325dc69a91df8f2c0bddd35bb8efafe3734af9a897251a17.exe
- Size: 1.7MB
- Sample: 241117-jszsbstrfy
- MD5: 297edc9b9b9e88deca62083be326fb15
- SHA1: 8ee9f123258485aa9d72765313a5a245f50bf972
- SHA256: 157729dd7b080136325dc69a91df8f2c0bddd35bb8efafe3734af9a897251a17
- SHA512: c03c45041f38e727fae62fbf461679d80704ac5d1a5649b8ece2c0541ef7384284eb87953ba0fe63eb82aa88fd27db778fc27859a05f9b40e12a6b78b6216577
- SSDEEP: 24576:B6Sw9qbMZov5v5ISas8FLK09dtWZjo2rdUjXAjg1ICwlnwD2ZmgFwz4uF:0D9Iz0uxZE2R2XkgWJlnwD2EgFc

Static task: static1

Behavioral task: behavioral1
- Sample: 157729dd7b080136325dc69a91df8f2c0bddd35bb8efafe3734af9a897251a17.exe
- Resource: win7-20240903-en
Malware Config

Targets
- Target: 157729dd7b080136325dc69a91df8f2c0bddd35bb8efafe3734af9a897251a17.exe
- Size: 1.7MB
- MD5: 297edc9b9b9e88deca62083be326fb15
- SHA1: 8ee9f123258485aa9d72765313a5a245f50bf972
- SHA256: 157729dd7b080136325dc69a91df8f2c0bddd35bb8efafe3734af9a897251a17
- SHA512: c03c45041f38e727fae62fbf461679d80704ac5d1a5649b8ece2c0541ef7384284eb87953ba0fe63eb82aa88fd27db778fc27859a05f9b40e12a6b78b6216577
- SSDEEP: 24576:B6Sw9qbMZov5v5ISas8FLK09dtWZjo2rdUjXAjg1ICwlnwD2ZmgFwz4uF:0D9Iz0uxZE2R2XkgWJlnwD2EgFc

- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys: Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger