General
-
Target
file.exe
-
Size
2.6MB
-
Sample
241122-bp71jaxmdl
-
MD5
e52648a7fe5cf3471772acda81fd2765
-
SHA1
dd385f3a714b32b1f5f056166b42e4cf8446c5af
-
SHA256
fa39001e5e217ead48fec7c40d1160b3bbd7f392ba01adf0182791347c7f10a9
-
SHA512
70f881ca9c12971c33c6057b796d45580399e9d7c0b7ac1a8598529d5e0203c0796ca44844bc1bba28766ae31089609282d55be04ad064346c4a30bc36271d45
-
SSDEEP
24576:qD9tSm3H4DPlmpS5Js1bzniby1l9hcOOGirDxnc2DJDC5zB10E6qGR0b22Cfe4AJ:quNr98bL51uNnD45t+725Cfe4AgY
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
file.exe
-
Size
2.6MB
-
MD5
e52648a7fe5cf3471772acda81fd2765
-
SHA1
dd385f3a714b32b1f5f056166b42e4cf8446c5af
-
SHA256
fa39001e5e217ead48fec7c40d1160b3bbd7f392ba01adf0182791347c7f10a9
-
SHA512
70f881ca9c12971c33c6057b796d45580399e9d7c0b7ac1a8598529d5e0203c0796ca44844bc1bba28766ae31089609282d55be04ad064346c4a30bc36271d45
-
SSDEEP
24576:qD9tSm3H4DPlmpS5Js1bzniby1l9hcOOGirDxnc2DJDC5zB10E6qGR0b22Cfe4AJ:quNr98bL51uNnD45t+725Cfe4AgY
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses
2Disable or Modify Tools
2Modify Registry
2Virtualization/Sandbox Evasion
2