General
-
Target
6d23bf5807afab26bdd7802571e5d9f36bbb8ce73762b005c49737864cbfb13d
-
Size
2.8MB
-
Sample
241121-mf36rs1bjc
-
MD5
2c2ef4a8598a91d781960d9ae7d8ca86
-
SHA1
15978d01dc759609debb3c09ffb7cf75136a2edd
-
SHA256
6d23bf5807afab26bdd7802571e5d9f36bbb8ce73762b005c49737864cbfb13d
-
SHA512
5e7e8eb53b082741cf2db7abc37aa7fc664798ade105991378a3c5e8a3470eedefb46ae9abf0975f2d83c818fc82291592b702eb249eac2203bc3445ead72a57
-
SSDEEP
49152:c/0h+LP03PX5DwDRsPIoXwGbGyf1zOxQ0qW1kvkAz1sJF:cyQP03PX5DwDRsQIqy9zS71WkA0
Static task
static1
Behavioral task
behavioral1
Sample
6d23bf5807afab26bdd7802571e5d9f36bbb8ce73762b005c49737864cbfb13d.exe
Resource
win7-20241023-en
Malware Config
Targets
-
-
Target
6d23bf5807afab26bdd7802571e5d9f36bbb8ce73762b005c49737864cbfb13d
-
Size
2.8MB
-
MD5
2c2ef4a8598a91d781960d9ae7d8ca86
-
SHA1
15978d01dc759609debb3c09ffb7cf75136a2edd
-
SHA256
6d23bf5807afab26bdd7802571e5d9f36bbb8ce73762b005c49737864cbfb13d
-
SHA512
5e7e8eb53b082741cf2db7abc37aa7fc664798ade105991378a3c5e8a3470eedefb46ae9abf0975f2d83c818fc82291592b702eb249eac2203bc3445ead72a57
-
SSDEEP
49152:c/0h+LP03PX5DwDRsPIoXwGbGyf1zOxQ0qW1kvkAz1sJF:cyQP03PX5DwDRsQIqy9zS71WkA0
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses
2Disable or Modify Tools
2Modify Registry
2Virtualization/Sandbox Evasion
2