General

  • Target

    3664a8b68a3baf4f6066969ede3e2927c58313888ff3dcc8e69a2bb0459de124.exe

  • Size

    1.7MB

  • Sample

    241117-jxm94azjgj

  • MD5

    d409dfc53c1bb2d58387d0b089cfbb9f

  • SHA1

    be7339164f73f85e4657b119ebc9e8782f3642c9

  • SHA256

    3664a8b68a3baf4f6066969ede3e2927c58313888ff3dcc8e69a2bb0459de124

  • SHA512

    9d1a3af88bdcceb3c9c7134d96242e3c0c4d838c3e46db3cc27540783f8c457b6e98ad52805b442169aec465060403d83e6a2c65144c711fb952963db911189a

  • SSDEEP

    24576:bTM9v8klyPXNxv6lWDLWJYLPRXT03ml7gpB7E9xGO3/qTPqS9b3lBX4SCH9E:cV4xv6lWfSYTRIfBICOvqTPh95BCd

Score
9/10

Malware Config

Targets

    • Target

      3664a8b68a3baf4f6066969ede3e2927c58313888ff3dcc8e69a2bb0459de124.exe

    • Size

      1.7MB

    • MD5

      d409dfc53c1bb2d58387d0b089cfbb9f

    • SHA1

      be7339164f73f85e4657b119ebc9e8782f3642c9

    • SHA256

      3664a8b68a3baf4f6066969ede3e2927c58313888ff3dcc8e69a2bb0459de124

    • SHA512

      9d1a3af88bdcceb3c9c7134d96242e3c0c4d838c3e46db3cc27540783f8c457b6e98ad52805b442169aec465060403d83e6a2c65144c711fb952963db911189a

    • SSDEEP

      24576:bTM9v8klyPXNxv6lWDLWJYLPRXT03ml7gpB7E9xGO3/qTPqS9b3lBX4SCH9E:cV4xv6lWfSYTRIfBICOvqTPh95BCd

    Score
    9/10
    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks