General
-
Target
53cbf6e8136b46bccacc78871cb92efb13c6eaaf555b71493fd749aedab63a1f.exe
-
Size
2.7MB
-
Sample
241120-c7wwnatmfl
-
MD5
2391bf7c8409b5125fb9143f75a7d052
-
SHA1
7729b100845ec6ff313d70d261f51acd31e1427f
-
SHA256
53cbf6e8136b46bccacc78871cb92efb13c6eaaf555b71493fd749aedab63a1f
-
SHA512
c21ee402731beb7f15a7a9b7ee6177a57048f830995689796c372eeaacb8d5b7b88479cbb96d13867f73c19836c34a17c84a631da23fce181d45eac094604697
-
SSDEEP
24576:GH3FGG4n2ED5ziH27pagmRyXMi9pha+uNKhk9zoVun6tk0BYa48tsK1ZSeE5XapM:sg/NzfWEv7y+k0PMKP+EkWAIYMwzWVQ
Static task
static1
Behavioral task
behavioral1
Sample
53cbf6e8136b46bccacc78871cb92efb13c6eaaf555b71493fd749aedab63a1f.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses: 2
Disable or Modify Tools: 2
Modify Registry: 2
Virtualization/Sandbox Evasion: 2