General
- Target: db0f249748fb31530d72d027959bad5726208495cf75dd02ef69a07ea094583a
- Size: 3.0MB
- Sample: 241117-lcy7za1lfp
- MD5: 08f07a0a24c5bde2084bfb4d21c3b45e
- SHA1: 8071e1d7f74de834341e67a444dea33b518edb4b
- SHA256: db0f249748fb31530d72d027959bad5726208495cf75dd02ef69a07ea094583a
- SHA512: 4d311561a0f94e12f104fc87e7309d87912f1ae6fc75fe22740a250046e90143b3825303fde9d62bebc2946801bb0d16a651c856bfe4de5703446e1463ff9513
- SSDEEP: 49152:diJaWgbztm4msYoaXZByKN/5tcBjWRhzH1RSts3/TGwer:diQWGM4jYo8ByKNR6BjWRlusLGL
Static task: static1
Behavioral task: behavioral1
- Sample: db0f249748fb31530d72d027959bad5726208495cf75dd02ef69a07ea094583a.exe
- Resource: win7-20241010-en
Malware Config
Targets
- Target: db0f249748fb31530d72d027959bad5726208495cf75dd02ef69a07ea094583a
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys: Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
- Modify Registry (1)
- Subvert Trust Controls (1)
- Install Root Certificate (1)
- Virtualization/Sandbox Evasion (2)