General
-
Target
30aaff9081e5f855aadf4f3f9f9a2e6c6c19e52269ca0433ee049ef9a972fc48.exe
-
Size
2.7MB
-
Sample
241117-jw7mcazjfj
-
MD5
29ab316adae71c96b839165fed5ba98e
-
SHA1
4161c4e04e8f005143e34db3a36b6d5e041b5475
-
SHA256
30aaff9081e5f855aadf4f3f9f9a2e6c6c19e52269ca0433ee049ef9a972fc48
-
SHA512
a37e9724d03d63499620b17e23f558616d20c9c9a650b831e23626515c9fd4d7c21ee170e0e5efde64121511f2ef07ead22518d0b3e7d64bdff1b1915e5f773f
-
SSDEEP
24576:tzqVutE4dA8NRNYluV8ZhUVLiE39i0Sb2176p1WRG7g0QVyaFComW+o2F2JuEJQv:ZQmNNYxT7KAaFCoDVJQsJxvw
Static task
static1
Behavioral task
behavioral1
Sample
30aaff9081e5f855aadf4f3f9f9a2e6c6c19e52269ca0433ee049ef9a972fc48.exe
Resource
win7-20241010-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses: 2
Disable or Modify Tools: 2
Modify Registry: 2
Virtualization/Sandbox Evasion: 2