General

  • Target

    2965cecc8e11e1e4817626926dd78cdc92e071b323f4fec46f0c3800ab7b3d92.exe

  • Size

    1.7MB

  • Sample

    241117-jvjh5avfme

  • MD5

    53a815ea818141d183590391331490ad

  • SHA1

    666554ca5b327427db1bdcb3b8880f2f4373fd5f

  • SHA256

    2965cecc8e11e1e4817626926dd78cdc92e071b323f4fec46f0c3800ab7b3d92

  • SHA512

    53fcfc29c548f68ab48f44ae091da576fff7c2e7a31bd6600cfe8a72b04462a5cea5d2c8fdf83c706fbe942ce1183e8d1c670ce24300bf513a9495ff0d6c0d90

  • SSDEEP

    49152:ANpmFknRlfDdJ87xN8CxhX62uAAlS0Dx:sminex6Cx9wtd

Score
9/10

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks