General
-
Target
3664a8b68a3baf4f6066969ede3e2927c58313888ff3dcc8e69a2bb0459de124.exe
-
Size
1.7MB
-
Sample
241117-jxm94azjgj
-
MD5
d409dfc53c1bb2d58387d0b089cfbb9f
-
SHA1
be7339164f73f85e4657b119ebc9e8782f3642c9
-
SHA256
3664a8b68a3baf4f6066969ede3e2927c58313888ff3dcc8e69a2bb0459de124
-
SHA512
9d1a3af88bdcceb3c9c7134d96242e3c0c4d838c3e46db3cc27540783f8c457b6e98ad52805b442169aec465060403d83e6a2c65144c711fb952963db911189a
-
SSDEEP
24576:bTM9v8klyPXNxv6lWDLWJYLPRXT03ml7gpB7E9xGO3/qTPqS9b3lBX4SCH9E:cV4xv6lWfSYTRIfBICOvqTPh95BCd
Static task
static1
Behavioral task
behavioral1
Sample
3664a8b68a3baf4f6066969ede3e2927c58313888ff3dcc8e69a2bb0459de124.exe
Resource
win7-20241010-en
Malware Config
Targets
-
-
Target
3664a8b68a3baf4f6066969ede3e2927c58313888ff3dcc8e69a2bb0459de124.exe
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-