General
-
Target
2965cecc8e11e1e4817626926dd78cdc92e071b323f4fec46f0c3800ab7b3d92.exe
-
Size
1.7MB
-
Sample
241117-jvjh5avfme
-
MD5
53a815ea818141d183590391331490ad
-
SHA1
666554ca5b327427db1bdcb3b8880f2f4373fd5f
-
SHA256
2965cecc8e11e1e4817626926dd78cdc92e071b323f4fec46f0c3800ab7b3d92
-
SHA512
53fcfc29c548f68ab48f44ae091da576fff7c2e7a31bd6600cfe8a72b04462a5cea5d2c8fdf83c706fbe942ce1183e8d1c670ce24300bf513a9495ff0d6c0d90
-
SSDEEP
49152:ANpmFknRlfDdJ87xN8CxhX62uAAlS0Dx:sminex6Cx9wtd
Static task
static1
Behavioral task
behavioral1
Sample
2965cecc8e11e1e4817626926dd78cdc92e071b323f4fec46f0c3800ab7b3d92.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-