General
-
Target
f7b28824e3a45ba5f96b6c0d2233dd9f818912f7e6b69d2a5a037c8823220621.exe
-
Size
1.7MB
-
Sample
241117-rhsj9s1ket
-
MD5
cc4814443625e3d73a4ce191873a2990
-
SHA1
d4044b6f955b0b5303471f49da0e8af46bb66a3c
-
SHA256
f7b28824e3a45ba5f96b6c0d2233dd9f818912f7e6b69d2a5a037c8823220621
-
SHA512
4c309e78f5846df7b67ac45ded7072ae9dcde7c7dd799b0563395726b4901c6e60d814e8d540a9c1b4084e5c94d961a7eb9623b292bdb5b15760f5015c172aaa
-
SSDEEP
24576:IbK1O9Vn0uAT5YjrsePX8mbLsZGzQst7OsU/VfNLHxUhkKeq4KdtFuN:IX9VndyYjrsePMokGzQs7aNLRckxS7F
Static task
static1
Behavioral task
behavioral1
Sample
f7b28824e3a45ba5f96b6c0d2233dd9f818912f7e6b69d2a5a037c8823220621.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
f7b28824e3a45ba5f96b6c0d2233dd9f818912f7e6b69d2a5a037c8823220621.exe
-
Size
1.7MB
-
MD5
cc4814443625e3d73a4ce191873a2990
-
SHA1
d4044b6f955b0b5303471f49da0e8af46bb66a3c
-
SHA256
f7b28824e3a45ba5f96b6c0d2233dd9f818912f7e6b69d2a5a037c8823220621
-
SHA512
4c309e78f5846df7b67ac45ded7072ae9dcde7c7dd799b0563395726b4901c6e60d814e8d540a9c1b4084e5c94d961a7eb9623b292bdb5b15760f5015c172aaa
-
SSDEEP
24576:IbK1O9Vn0uAT5YjrsePX8mbLsZGzQst7OsU/VfNLHxUhkKeq4KdtFuN:IX9VndyYjrsePMokGzQs7aNLRckxS7F
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-