General
-
Target
64a5b57d555ef999a209a254c0324edd6f03832ee9f688444e101f526662c5b3.exe
-
Size
2.6MB
-
Sample
241122-c14mxsymek
-
MD5
21f1d579996c0e223529d781d9390c05
-
SHA1
db238f2cc489e22158603b17a49e6fd43b314d74
-
SHA256
64a5b57d555ef999a209a254c0324edd6f03832ee9f688444e101f526662c5b3
-
SHA512
b33f98a8cd81a3cb0cffb4aaff551156e0aa384dffe8b7b7f6751370221be6f504f12c79aa38df7967c9c06a57b42e59d76f12fa3594e797d42aabc2896277c9
-
SSDEEP
24576:RBs2Yty3S5XqyOqARl+LWWQsmQn7AKJKrAs3KuOYF5QadGUM768SYKXaTV6cbATy:RCqq2YLWWQi7V681eq6STpzL0a
Static task
static1
Behavioral task
behavioral1
Sample
64a5b57d555ef999a209a254c0324edd6f03832ee9f688444e101f526662c5b3.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
64a5b57d555ef999a209a254c0324edd6f03832ee9f688444e101f526662c5b3.exe
-
Size
2.6MB
-
MD5
21f1d579996c0e223529d781d9390c05
-
SHA1
db238f2cc489e22158603b17a49e6fd43b314d74
-
SHA256
64a5b57d555ef999a209a254c0324edd6f03832ee9f688444e101f526662c5b3
-
SHA512
b33f98a8cd81a3cb0cffb4aaff551156e0aa384dffe8b7b7f6751370221be6f504f12c79aa38df7967c9c06a57b42e59d76f12fa3594e797d42aabc2896277c9
-
SSDEEP
24576:RBs2Yty3S5XqyOqARl+LWWQsmQn7AKJKrAs3KuOYF5QadGUM768SYKXaTV6cbATy:RCqq2YLWWQi7V681eq6STpzL0a
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Impair Defenses
2Disable or Modify Tools
2Modify Registry
2Virtualization/Sandbox Evasion
2