General
-
Target
a1b9bf43e9488615465150e648fa594e98c21114214456696626d82439c05345
-
Size
4.2MB
-
Sample
241117-tcknkssnbx
-
MD5
94b60bd275ec39f3ad8b9030941ac33e
-
SHA1
5039074352bb79df6728ea5fb7ed226efe79a23f
-
SHA256
a1b9bf43e9488615465150e648fa594e98c21114214456696626d82439c05345
-
SHA512
f514d9b21063ea52711b5ba4e649f7b3bd47c09a2d1ab9f1f59cd1eb9aad74bc042b0f40c884ae7cb2e63c51b7fca720c15d20b632cb3385f1a1f0d51dfb0baf
-
SSDEEP
98304:9R3BeHXSW7VBA0bU7qaTP0U7EjIrLsoweuVHysgYFjrioHWXq0:9neiWI0Y8KEAsDe8HFg0Leq
Static task
static1
Behavioral task
behavioral1
Sample
a1b9bf43e9488615465150e648fa594e98c21114214456696626d82439c05345.exe
Resource
win7-20240729-en
Malware Config
Targets
-
-
Target
a1b9bf43e9488615465150e648fa594e98c21114214456696626d82439c05345
-
Size
4.2MB
-
MD5
94b60bd275ec39f3ad8b9030941ac33e
-
SHA1
5039074352bb79df6728ea5fb7ed226efe79a23f
-
SHA256
a1b9bf43e9488615465150e648fa594e98c21114214456696626d82439c05345
-
SHA512
f514d9b21063ea52711b5ba4e649f7b3bd47c09a2d1ab9f1f59cd1eb9aad74bc042b0f40c884ae7cb2e63c51b7fca720c15d20b632cb3385f1a1f0d51dfb0baf
-
SSDEEP
98304:9R3BeHXSW7VBA0bU7qaTP0U7EjIrLsoweuVHysgYFjrioHWXq0:9neiWI0Y8KEAsDe8HFg0Leq
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-