General

  • Target

    157729dd7b080136325dc69a91df8f2c0bddd35bb8efafe3734af9a897251a17.exe

  • Size

    1.7MB

  • Sample

    241117-jszsbstrfy

  • MD5

    297edc9b9b9e88deca62083be326fb15

  • SHA1

    8ee9f123258485aa9d72765313a5a245f50bf972

  • SHA256

    157729dd7b080136325dc69a91df8f2c0bddd35bb8efafe3734af9a897251a17

  • SHA512

    c03c45041f38e727fae62fbf461679d80704ac5d1a5649b8ece2c0541ef7384284eb87953ba0fe63eb82aa88fd27db778fc27859a05f9b40e12a6b78b6216577

  • SSDEEP

    24576:B6Sw9qbMZov5v5ISas8FLK09dtWZjo2rdUjXAjg1ICwlnwD2ZmgFwz4uF:0D9Iz0uxZE2R2XkgWJlnwD2EgFc

Score
9/10

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      VirtualBox guests expose ACPI tables whose OEM ID is VBOX__ under HKLM\HARDWARE\ACPI (for example HKLM\HARDWARE\ACPI\DSDT\VBOX__); reading these keys is a common check for running inside a virtual machine.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      Calling NtSetInformationThread with ThreadInformationClass 0x11 (ThreadHideFromDebugger) stops the thread from delivering debug events to an attached debugger; this is a well-known anti-debugging technique.
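
The four signatures above all fire on observable events: registry reads of well-known VirtualBox, BIOS and Wine keys, and one native API call. The following is an added example, not Triage's own signature code, that encodes those checks as rules and runs them over a constructed list of sandbox events. The event shape (`("reg", "HIVE\\path\\value")` and `("api", "Function(arg=value)")`) and the exact registry paths each rule matches are assumptions chosen for illustration.

```python
"""Rule-based triage of sandbox registry/API events for the anti-analysis
behaviours listed in the report. Added example; not the sandbox's own code."""
import re

# ThreadInformationClass value for ThreadHideFromDebugger (NtSetInformationThread).
THREAD_HIDE_FROM_DEBUGGER = 0x11

# Registry rules: (signature name, regex over "HIVE\path[\value]").
# The paths are the well-known locations each check reads; which exact set a
# given sandbox matches on is an assumption.
REGISTRY_RULES = [
    ("Identifies VirtualBox via ACPI registry values",
     re.compile(r"^HKLM\\HARDWARE\\ACPI\\(DSDT|FADT|RSDT)\\VBOX__", re.I)),
    ("Checks BIOS information in registry",
     re.compile(r"^HKLM\\HARDWARE\\DESCRIPTION\\System\\"
                r"(BIOS\\|SystemBiosVersion|VideoBiosVersion)", re.I)),
    ("Identifies Wine through registry keys",
     re.compile(r"^HK(LM|CU)\\Software\\Wine(\\|$)", re.I)),
]

API_CALL_RE = re.compile(r"^(?P<func>\w+)\((?P<args>.*)\)$")

# Constructed event log (assumed format), mixing the four triggering events with
# one benign registry read that must not fire anything.
SAMPLE_EVENTS = [
    ("reg", r"HKLM\HARDWARE\ACPI\DSDT\VBOX__"),
    ("reg", r"HKLM\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer"),
    ("reg", r"HKLM\HARDWARE\DESCRIPTION\System\SystemBiosVersion"),
    ("reg", r"HKCU\Software\Wine"),
    ("api", "NtSetInformationThread(ThreadInformationClass=0x11)"),
    ("reg", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"),
]


def parse_api_args(args: str) -> dict:
    """Turn 'A=1,B=0x11' into {'A': '1', 'B': '0x11'}."""
    out = {}
    for part in filter(None, (p.strip() for p in args.split(","))):
        key, _, value = part.partition("=")
        out[key.strip()] = value.strip()
    return out


def match_api(detail: str):
    """Return the signature name when the call is NtSetInformationThread with
    ThreadInformationClass == ThreadHideFromDebugger, otherwise None."""
    m = API_CALL_RE.match(detail)
    if not m or m.group("func") != "NtSetInformationThread":
        return None
    cls = parse_api_args(m.group("args")).get("ThreadInformationClass")
    try:
        if cls is not None and int(cls, 0) == THREAD_HIDE_FROM_DEBUGGER:
            return "Suspicious use of NtSetInformationThreadHideFromDebugger"
    except ValueError:  # non-numeric argument: not a match
        pass
    return None


def triage(events):
    """Map each fired signature name to the event details that fired it."""
    hits = {}
    for kind, detail in events:
        if kind == "reg":
            for name, pattern in REGISTRY_RULES:
                if pattern.search(detail):
                    hits.setdefault(name, []).append(detail)
        elif kind == "api":
            name = match_api(detail)
            if name:
                hits.setdefault(name, []).append(detail)
    return hits


if __name__ == "__main__":
    for name, details in triage(SAMPLE_EVENTS).items():
        print(name)
        for d in details:
            print("   ", d)
```

The benign `CurrentVersion\Run` read and a `ThreadInformationClass` other than 0x11 produce no hit, which is the property to keep in mind when tuning such rules: matching on the exact key paths and the exact information class keeps false positives from ordinary software that enumerates hardware or sets thread priorities.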

MITRE ATT&CK Enterprise v15

Tasks