General
-
Target
2253ae04edaef1fa9d0724d5cff285045b0fbc93ffe6f88d4ffbfdbf48307e56.exe
-
Size
1.8MB
-
Sample
241119-x61tfawjgl
-
MD5
4e51e8e50133ee68d3360d2d3edbd518
-
SHA1
23be0075db0062545c30718b89f408085a5c6c91
-
SHA256
2253ae04edaef1fa9d0724d5cff285045b0fbc93ffe6f88d4ffbfdbf48307e56
-
SHA512
5e50df9ad16a2158711ca933946ad36cae7a97c24e456545e69973a0e5bd2c67add8856446923117c6a8003d29de472f3f56c80976a6fd9b5a8fdbd821c2cd32
-
SSDEEP
24576:/Zwvqft3aATGojceKV6JI0dn/dWRa3QSUAcd/epHrqWHjGZ0Myq1UmQJ9YoL8tiJ:BD1KAKeKwxQSrQepHr3MytmQfYoAlu
Malware Config
Targets
-
-
Target
2253ae04edaef1fa9d0724d5cff285045b0fbc93ffe6f88d4ffbfdbf48307e56.exe
-
Size
1.8MB
-
MD5
4e51e8e50133ee68d3360d2d3edbd518
-
SHA1
23be0075db0062545c30718b89f408085a5c6c91
-
SHA256
2253ae04edaef1fa9d0724d5cff285045b0fbc93ffe6f88d4ffbfdbf48307e56
-
SHA512
5e50df9ad16a2158711ca933946ad36cae7a97c24e456545e69973a0e5bd2c67add8856446923117c6a8003d29de472f3f56c80976a6fd9b5a8fdbd821c2cd32
-
SSDEEP
24576:/Zwvqft3aATGojceKV6JI0dn/dWRa3QSUAcd/epHrqWHjGZ0Myq1UmQJ9YoL8tiJ:BD1KAKeKwxQSrQepHr3MytmQfYoAlu
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
1Subvert Trust Controls
1Install Root Certificate
1Virtualization/Sandbox Evasion
2