General
Target: d101a3ab758fbdd7964bdfe3fc4261628f096468597b4dff9027a60d13c951b3
Size: 3.0MB
Sample: 241117-rk8n9s1hlc
MD5: 5a374b51d43cf807c59a3ef6b92bbe81
SHA1: ced44019acd1464610cfa2329abd1d439407b431
SHA256: d101a3ab758fbdd7964bdfe3fc4261628f096468597b4dff9027a60d13c951b3
SHA512: 527e6f07f07ca2cbd34cd3eb9363a5ea3ccf732777b728d765ddaf11db400984bb62c90611c5f11b96f638166013eabbc7d3144991b78ac709ba466ac54e3ef0
SSDEEP: 98304:ZJ/1P1Y/JjHKjgL5dmYk/PwlO09DgLCQ+0:ZJ/1AJk/Pdm
Static task: static1
Behavioral task: behavioral1
Sample: d101a3ab758fbdd7964bdfe3fc4261628f096468597b4dff9027a60d13c951b3.exe
Resource: win7-20240729-en
Malware Config
Targets
Target: d101a3ab758fbdd7964bdfe3fc4261628f096468597b4dff9027a60d13c951b3
Size: 3.0MB
MD5: 5a374b51d43cf807c59a3ef6b92bbe81
SHA1: ced44019acd1464610cfa2329abd1d439407b431
SHA256: d101a3ab758fbdd7964bdfe3fc4261628f096468597b4dff9027a60d13c951b3
SHA512: 527e6f07f07ca2cbd34cd3eb9363a5ea3ccf732777b728d765ddaf11db400984bb62c90611c5f11b96f638166013eabbc7d3144991b78ac709ba466ac54e3ef0
SSDEEP: 98304:ZJ/1P1Y/JjHKjgL5dmYk/PwlO09DgLCQ+0:ZJ/1AJk/Pdm
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger