General
-
Target
dc41291a53269e0f1094795383c3c01d607acbf0fae98c5eed6a83a17ab6db45
-
Size
2.7MB
-
Sample
241117-jxlfhavhkl
-
MD5
a5931784845d5c095fcd6f539be5b0c6
-
SHA1
5593d35af0003a0012570464ad32ffd66b73f208
-
SHA256
dc41291a53269e0f1094795383c3c01d607acbf0fae98c5eed6a83a17ab6db45
-
SHA512
6e58923e939a5740064dcb8462511f754862fd1785cd3da84af3510139664a18550cdb9df03dc80a04c5a0b3fa46a9f87f1a802158336413fe6f808bfd916fb4
-
SSDEEP
49152:Dy8kDmFJ/43ZUIFDoXy9Pkd8jn+rSxM1UhalyXNzSuSfm:29mj/4pUIFxbxbTN4m
Static task
static1
Behavioral task
behavioral1
Sample
dc41291a53269e0f1094795383c3c01d607acbf0fae98c5eed6a83a17ab6db45.exe
Resource
win7-20241010-en
Malware Config
Targets
-
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses
Disable or Modify Tools
Modify Registry
Virtualization/Sandbox Evasion