General
-
Target
482b3d609f547c1ca3c65e42fb8b7447da245121781edac72e414fb7b20f9ec2.exe
-
Size
1.8MB
-
Sample
241120-c49ckszbjr
-
MD5
de2aa4b5f127f55c09506cd57962267f
-
SHA1
ffac9d997902c2f0f8eebe41e4d75fbfe11d09ba
-
SHA256
482b3d609f547c1ca3c65e42fb8b7447da245121781edac72e414fb7b20f9ec2
-
SHA512
d7639d334ec27d150b84f0adbc9a168c28e25557b0a0f3a21b3a7769143b0aeeba45f3198a9c07edcd95cf17df9921506785c13e16c0eea73071b1b9e7e0244f
-
SSDEEP
24576:utOQ/3jokTBCNeCBy6gBggCHsIWAIgSlDtXeSVErvaKFFDsXEALE3r9MGPmtz8d:w3jxPCIp+WZJXe4ExFZsXEjb9a
Static task
static1
Behavioral task
behavioral1
Sample
482b3d609f547c1ca3c65e42fb8b7447da245121781edac72e414fb7b20f9ec2.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
482b3d609f547c1ca3c65e42fb8b7447da245121781edac72e414fb7b20f9ec2.exe
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry: 1
Subvert Trust Controls: 1
Install Root Certificate: 1
Virtualization/Sandbox Evasion: 2