General
Target: cadd60b9148474d2f012c085cff0303b904d406b5b26a347c5833de78c500d16
Size: 2.7MB
Sample: 241117-tc67ksxpgq
MD5: f3ad0be245b8d64341e531c926984d00
SHA1: 8feff95465e2bdb327a08b51ddfb2230d74fa8d6
SHA256: cadd60b9148474d2f012c085cff0303b904d406b5b26a347c5833de78c500d16
SHA512: 6a98a9a071dbf5803fc338bbf9d72ae2729a16932ad882f47a3376ddbcf359a804e85aaa592c9e2a4f94c00bdb8e75adce700cd77efff03d0174869092696165
SSDEEP: 49152:FYi6BdfcD7OFAkIG8AZh4k1S6sAt9IVVdCb:mi6BdcD7OS9Rma
Static task: static1
Behavioral task: behavioral1
Sample: cadd60b9148474d2f012c085cff0303b904d406b5b26a347c5833de78c500d16.exe
Resource: win7-20241010-en
Malware Config
Targets
Target: cadd60b9148474d2f012c085cff0303b904d406b5b26a347c5833de78c500d16
Size: 2.7MB
MD5: f3ad0be245b8d64341e531c926984d00
SHA1: 8feff95465e2bdb327a08b51ddfb2230d74fa8d6
SHA256: cadd60b9148474d2f012c085cff0303b904d406b5b26a347c5833de78c500d16
SHA512: 6a98a9a071dbf5803fc338bbf9d72ae2729a16932ad882f47a3376ddbcf359a804e85aaa592c9e2a4f94c00bdb8e75adce700cd77efff03d0174869092696165
SSDEEP: 49152:FYi6BdfcD7OFAkIG8AZh4k1S6sAt9IVVdCb:mi6BdcD7OS9Rma
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys: Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger
MITRE ATT&CK Enterprise v15
Defense Evasion
- Impair Defenses (2)
- Disable or Modify Tools (2)
- Modify Registry (2)
- Virtualization/Sandbox Evasion (2)