General
-
Target
29762972dd0e10353291e0cceb21dbcf10ae6ffcc4af3fcfa173dfdc814fb611.exe
-
Size
2.7MB
-
Sample
241117-jvmksavfmf
-
MD5
d0ada1de4825c08abe2db50924767ddd
-
SHA1
8184a46d63bf5e5d6d4f42c51a223d175677a694
-
SHA256
29762972dd0e10353291e0cceb21dbcf10ae6ffcc4af3fcfa173dfdc814fb611
-
SHA512
0a5f046306cdf06f397936c55b69f16501ae02b520696b02e183437771a13e86d1f39eb76a31430cb3b35ff179ff9db507d9638c5ba71c65a8d7725eec04b0dc
-
SSDEEP
49152:DvKFw/qJtGfYzI18IEnaok1+yonYlgFJy2OgnZi:DCFw/qJtMiI1Maok1+9F8FgZ
Static task
static1
Behavioral task
behavioral1
Sample
29762972dd0e10353291e0cceb21dbcf10ae6ffcc4af3fcfa173dfdc814fb611.exe
Resource
win7-20241023-en
Malware Config
Targets
Target
29762972dd0e10353291e0cceb21dbcf10ae6ffcc4af3fcfa173dfdc814fb611.exe
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses: 2
Disable or Modify Tools: 2
Modify Registry: 2
Virtualization/Sandbox Evasion: 2