General
Target: f1e8cf3de1aea025924dcb35453a560bfb0276f319c8d18b96ae4e60d3518045.exe
Size: 4.2MB
Sample: 241117-rgs5eawldp
MD5: ee1a8dfe4d670146cab8b89d2ecc7c56
SHA1: 5bae91df317305aa0b17afe3f0abac339c2274f1
SHA256: f1e8cf3de1aea025924dcb35453a560bfb0276f319c8d18b96ae4e60d3518045
SHA512: 65c181636a2a742d3d7201452fe06e6505306c23700676a52c38509355a9e6212c740542d65e39155fa80cf140ea0100e52547751ab0b2d7a1ad2a3014b713e1
SSDEEP: 98304:Ibvvu8rRWL1Z6VGEh20ULqSQgdyUwqi/o5CE5HuSPe577G:cnud19C2l2gdyTcCSdA7
Static task: static1
Behavioral task: behavioral1
Sample: f1e8cf3de1aea025924dcb35453a560bfb0276f319c8d18b96ae4e60d3518045.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: f1e8cf3de1aea025924dcb35453a560bfb0276f319c8d18b96ae4e60d3518045.exe

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Suspicious use of NtSetInformationThreadHideFromDebugger