General
-
Target
d488822521f7d0508d17d03923c83e0cfba3285518093ce385ff3b7e31cfa122
-
Size
1.7MB
-
Sample
241117-s5n12atblj
-
MD5
7e49d88ac571e5c78fdaa08fde637a9a
-
SHA1
5b97a3c45497d8b0e8cec831ef1b45636eb17e83
-
SHA256
d488822521f7d0508d17d03923c83e0cfba3285518093ce385ff3b7e31cfa122
-
SHA512
8bf08f7d9f68655d7ec9281b88b1defa00da653f848b9241c43fe56b694a3b3d54188a192cb6cb9812a26942aa71f026cf50d9263d30129808ecc2f9ffcd7d75
-
SSDEEP
24576:pU5Pb51WTGUYY3hD9xqn5O6viilRreay5Bpe2/u+9O87G4NbnxzcJv25OXfBYSnl:8PLae6rxmOsteLVe2/5EJ/Jv7qGDxOd
Static task
static1
Behavioral task
behavioral1
Sample
d488822521f7d0508d17d03923c83e0cfba3285518093ce385ff3b7e31cfa122.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
d488822521f7d0508d17d03923c83e0cfba3285518093ce385ff3b7e31cfa122
-
Size
1.7MB
-
MD5
7e49d88ac571e5c78fdaa08fde637a9a
-
SHA1
5b97a3c45497d8b0e8cec831ef1b45636eb17e83
-
SHA256
d488822521f7d0508d17d03923c83e0cfba3285518093ce385ff3b7e31cfa122
-
SHA512
8bf08f7d9f68655d7ec9281b88b1defa00da653f848b9241c43fe56b694a3b3d54188a192cb6cb9812a26942aa71f026cf50d9263d30129808ecc2f9ffcd7d75
-
SSDEEP
24576:pU5Pb51WTGUYY3hD9xqn5O6viilRreay5Bpe2/u+9O87G4NbnxzcJv25OXfBYSnl:8PLae6rxmOsteLVe2/5EJ/Jv7qGDxOd
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-