General
-
Target
70b494b0a8fdf054926829dcb3235fc7bd0346b6a19faf2a57891c71043b3b38.exe
-
Size
1.6MB
-
Sample
241121-gstvzatndp
-
MD5
3c9e71400b72cc0213c9c3e4ab4df9df
-
SHA1
bdb632b27ddb200693c1b0b80819a7463d4e7a98
-
SHA256
70b494b0a8fdf054926829dcb3235fc7bd0346b6a19faf2a57891c71043b3b38
-
SHA512
c7a02fadb9fbbe0cf05dddd6a78cbf48b9030638420b421b4ff83816ae1cabbe54656b4e1c8e4020cacab93388934b6c79d3d21fe560ed4c7131ad5eba481ed0
-
SSDEEP
24576:5gDgaE2r55ENJSOZ8jsAMZMF2kPupVevS6ieT17cZ/hJMIYO0:+D9vrrs8OZxZI+wvTTahqO
Static task
static1
Behavioral task
behavioral1
Sample
70b494b0a8fdf054926829dcb3235fc7bd0346b6a19faf2a57891c71043b3b38.exe
Resource
win7-20241010-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-