General
Target: 0865b4e2d69561a44f8dcf4da21af282a5796756ff6151f64f051246afdeb163
Size: 3.0MB
Sample: 241117-jxnkvszjgk
MD5: 68060fee433a31ea09a47eb9fc8bb755
SHA1: 486ebae4ee282981c54274193a7e30119eae5fa5
SHA256: 0865b4e2d69561a44f8dcf4da21af282a5796756ff6151f64f051246afdeb163
SHA512: adb5c29f5a987ec05d9db378a7e0a0af7af2290b17a590edb00426a45ea3661d20c0752fc44a2c83fcff5be72c487ef2548d6aac0510a3216f28cbbb3066ccc7
SSDEEP: 49152:1Z/Cpy5LQoQDBSfAbVXr1dMl76ySPeP/IXenVCjGr:70y5LQoQDgfs9ZdMweoXeVCir
Static task: static1
Behavioral task: behavioral1
Sample: 0865b4e2d69561a44f8dcf4da21af282a5796756ff6151f64f051246afdeb163.exe
Resource: win7-20240729-en
Malware Config
Targets
Target: 0865b4e2d69561a44f8dcf4da21af282a5796756ff6151f64f051246afdeb163
Size: 3.0MB
MD5: 68060fee433a31ea09a47eb9fc8bb755
SHA1: 486ebae4ee282981c54274193a7e30119eae5fa5
SHA256: 0865b4e2d69561a44f8dcf4da21af282a5796756ff6151f64f051246afdeb163
SHA512: adb5c29f5a987ec05d9db378a7e0a0af7af2290b17a590edb00426a45ea3661d20c0752fc44a2c83fcff5be72c487ef2548d6aac0510a3216f28cbbb3066ccc7
SSDEEP: 49152:1Z/Cpy5LQoQDBSfAbVXr1dMl76ySPeP/IXenVCjGr:70y5LQoQDgfs9ZdMweoXeVCir
Signatures
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys: Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger
MITRE ATT&CK Enterprise v15
Defense Evasion
- Modify Registry (1)
- Subvert Trust Controls (1)
- Install Root Certificate (1)
- Virtualization/Sandbox Evasion (2)