General
Target: 8b80ca16e9aa37aa50ee75e31a40349eb9611c38548cdd81c4687bf1fdc3e8df
Size: 2.7MB
Sample: 241117-tfkgzstcme
MD5: f910519b865c4e3d0302ea8aecf3ef54
SHA1: 877ef8d00cb9d85a950197f06116e622ba5ca005
SHA256: 8b80ca16e9aa37aa50ee75e31a40349eb9611c38548cdd81c4687bf1fdc3e8df
SHA512: 75e92afb07d43c4fcbd7db5d035a3c400fbdf126c8db8ace732f848eef6afcbd795ab27779bb79ec2b55fbc44a3c8a631a4fcd5854478593657be32df3350edb
SSDEEP: 49152:OPfpYzE3rw0M23u1JRbF/aQQHJjMh+gkIQv1p0bfGN96:Sxy6rw0M2GJvGH9PIQdp8m6
Static task: static1
Behavioral task: behavioral1
Sample: 8b80ca16e9aa37aa50ee75e31a40349eb9611c38548cdd81c4687bf1fdc3e8df.exe
Resource: win7-20241010-en
Malware Config
Targets
Target: 8b80ca16e9aa37aa50ee75e31a40349eb9611c38548cdd81c4687bf1fdc3e8df
Size: 2.7MB
MD5: f910519b865c4e3d0302ea8aecf3ef54
SHA1: 877ef8d00cb9d85a950197f06116e622ba5ca005
SHA256: 8b80ca16e9aa37aa50ee75e31a40349eb9611c38548cdd81c4687bf1fdc3e8df
SHA512: 75e92afb07d43c4fcbd7db5d035a3c400fbdf126c8db8ace732f848eef6afcbd795ab27779bb79ec2b55fbc44a3c8a631a4fcd5854478593657be32df3350edb
SSDEEP: 49152:OPfpYzE3rw0M23u1JRbF/aQQHJjMh+gkIQv1p0bfGN96:Sxy6rw0M2GJvGH9PIQdp8m6
Signatures
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys: Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger
MITRE ATT&CK Enterprise v15
Defense Evasion
- Impair Defenses: 2
- Disable or Modify Tools: 2
- Modify Registry: 2
- Virtualization/Sandbox Evasion: 2