General
-
Target
e6ad1d53d8a2ecdbf77d597454b0260965b357693c0e525c0ffc81b283f4c7a6.exe
-
Size
1.7MB
-
Sample
241120-d8gnss1cjj
-
MD5
e26ad37f58eaf809521e5050bebf9be4
-
SHA1
b3468cf198d25f6453d40c65274082eec17a3572
-
SHA256
e6ad1d53d8a2ecdbf77d597454b0260965b357693c0e525c0ffc81b283f4c7a6
-
SHA512
9537de4e1d98c2af93ff81db3a09c21aa0769ebda86b6b905b6275e84f341492d223ad8a74820dd55b9511ccae5c2404a3dd0ec48a94552174b61c5381528791
-
SSDEEP
49152:2aOr7HzbqRofF6Ty5vGiIpgOqSdMmX43pGJEf5VX:2Z7PKTy5ehprqSdlX4kyBVX
Static task
static1
Behavioral task
behavioral1
Sample
e6ad1d53d8a2ecdbf77d597454b0260965b357693c0e525c0ffc81b283f4c7a6.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry: 1
Subvert Trust Controls: 1
Install Root Certificate: 1
Virtualization/Sandbox Evasion: 2