General
-
Target
20aa6407587318875a98f4cc567752a4caffcd46104d7f42c427ad8b10317eab.exe
-
Size
1.8MB
-
Sample
241206-cq531avnat
-
MD5
872445f439140f8b8db73ec546971cc9
-
SHA1
86ca54d31ba843a883c352f387a623dd35c09c8c
-
SHA256
20aa6407587318875a98f4cc567752a4caffcd46104d7f42c427ad8b10317eab
-
SHA512
eb28f12e13fabfc1d2ebf768548cafded96006de1c8647f7cdfe37f050d6a16a6cbe2a0e4131dc4a1c7027285bb5d7af544b4168627a793884f1fa169f6aa50c
-
SSDEEP
24576:UB06NnSMYTaEX4H3VXTzQmmVSXmx7ILXocFLwFkue/e0rShVM6vH663KRqRi8QHf:X6NSHX4XVsmmVIm6b7FLwFFET3gKIc
Static task
static1
Behavioral task
behavioral1
Sample
20aa6407587318875a98f4cc567752a4caffcd46104d7f42c427ad8b10317eab.exe
Resource
win7-20240903-en
Malware Config
Extracted
gcleaner
92.63.197.221
45.91.200.135
Targets
-
-
Target
20aa6407587318875a98f4cc567752a4caffcd46104d7f42c427ad8b10317eab.exe
-
Size
1.8MB
-
MD5
872445f439140f8b8db73ec546971cc9
-
SHA1
86ca54d31ba843a883c352f387a623dd35c09c8c
-
SHA256
20aa6407587318875a98f4cc567752a4caffcd46104d7f42c427ad8b10317eab
-
SHA512
eb28f12e13fabfc1d2ebf768548cafded96006de1c8647f7cdfe37f050d6a16a6cbe2a0e4131dc4a1c7027285bb5d7af544b4168627a793884f1fa169f6aa50c
-
SSDEEP
24576:UB06NnSMYTaEX4H3VXTzQmmVSXmx7ILXocFLwFkue/e0rShVM6vH663KRqRi8QHf:X6NSHX4XVsmmVIm6b7FLwFFET3gKIc
-
Gcleaner family
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-