General
-
Target
25b9aba533d955355406863543ee7998ba935d26871532395d348b7011363cc5.exe
-
Size
2.7MB
-
Sample
241117-jt1q1svjav
-
MD5
8a22eb031e1cc219f7d7c7932616eb11
-
SHA1
323fef7b5c0e29020571b58604859bf8f9ef67d0
-
SHA256
25b9aba533d955355406863543ee7998ba935d26871532395d348b7011363cc5
-
SHA512
4b1b1013239ff541c1fc93562668d997288dcf151e6b5ccb9d1dbcc77e6907d840bca9b0644562a36ce80822cdb1fd85dd7ff7d4a4ef4d76ef920a7bd4518fe5
-
SSDEEP
49152:+hkiEK0CybX0nk86pjS+WgSjqP5SS8Gnl+4YwIQjSY:piEK0TbX0nk86ph2GP5SRww4YwIkj
Static task
static1
Behavioral task
behavioral1
Sample
25b9aba533d955355406863543ee7998ba935d26871532395d348b7011363cc5.exe
Resource
win7-20241023-en
Malware Config
Targets
-
-
Target
25b9aba533d955355406863543ee7998ba935d26871532395d348b7011363cc5.exe
-
Size
2.7MB
-
MD5
8a22eb031e1cc219f7d7c7932616eb11
-
SHA1
323fef7b5c0e29020571b58604859bf8f9ef67d0
-
SHA256
25b9aba533d955355406863543ee7998ba935d26871532395d348b7011363cc5
-
SHA512
4b1b1013239ff541c1fc93562668d997288dcf151e6b5ccb9d1dbcc77e6907d840bca9b0644562a36ce80822cdb1fd85dd7ff7d4a4ef4d76ef920a7bd4518fe5
-
SSDEEP
49152:+hkiEK0CybX0nk86pjS+WgSjqP5SS8Gnl+4YwIQjSY:piEK0TbX0nk86ph2GP5SRww4YwIkj
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses
2Disable or Modify Tools
2Modify Registry
2Virtualization/Sandbox Evasion
2