General
-
Target
31fa84c2fd1626a571dd7895fd2e149d7eb003a7bc9037615cb71f07571edb0f.exe
-
Size
2.7MB
-
Sample
241117-jxeb7avhjp
-
MD5
6baac82565614419657461187756f86e
-
SHA1
e5759600f149acde660e3c174fd0c853e2dbedd6
-
SHA256
31fa84c2fd1626a571dd7895fd2e149d7eb003a7bc9037615cb71f07571edb0f
-
SHA512
9bccc70f1c959b1f49fac482a89ecb934f707b28717b0c75521445f12e922656e5a9c44b07d294760ef53d776984cc89bf34fda631f7633f3d578a2b2a4a9cd7
-
SSDEEP
24576:hPCiFFuFqz7F8nVxnEliverMosXcNnendHSJg4ZiYQSDH7quOCm3Xx+rkxgRGtz6:5FFuFqz7GVWlc6Kk/GCU+Itrm9ut5KR
Static task
static1
Behavioral task
behavioral1
Sample
31fa84c2fd1626a571dd7895fd2e149d7eb003a7bc9037615cb71f07571edb0f.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
31fa84c2fd1626a571dd7895fd2e149d7eb003a7bc9037615cb71f07571edb0f.exe
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses (2)
Disable or Modify Tools (2)
Modify Registry (2)
Virtualization/Sandbox Evasion (2)