General
- Target: 2cb8109695addeeff4fbd5fb4905544d80d345c2eb26d406ec7da35cd27fcea6.exe
- Size: 2.7MB
- Sample: 241117-jvycaavfne
- MD5: 8ca08b6db08a74dd452b1090b9ce2362
- SHA1: 271e31e00959f347f914507863bd6ba20b2a4814
- SHA256: 2cb8109695addeeff4fbd5fb4905544d80d345c2eb26d406ec7da35cd27fcea6
- SHA512: 124f82e121fc20a22b47e41edcec7b8383a19375850e013688f312a3dcc759bac4bd66299e09fa56900706b83da1abd7ba6b9227842e97adafdd01e45e3c617e
- SSDEEP: 49152:00lVdiwIvwgd4LWnYILynewvaxIUNtxc+1gaWMsz0T0W:0wVdlgd4LWnYILyn67NtxZT
Static task: static1
Behavioral task: behavioral1
Sample: 2cb8109695addeeff4fbd5fb4905544d80d345c2eb26d406ec7da35cd27fcea6.exe
Resource: win7-20241023-en
Malware Config
Targets
- Target: 2cb8109695addeeff4fbd5fb4905544d80d345c2eb26d406ec7da35cd27fcea6.exe
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry. BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys. Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger
MITRE ATT&CK Enterprise v15
Defense Evasion
- Impair Defenses (2)
  - Disable or Modify Tools (2)
- Modify Registry (2)
- Virtualization/Sandbox Evasion (2)