General
-
Target
8d74dff63ca291a7a5457b6924722959319ff92d8130954bfd8a816d117e6160.exe
-
Size
1.9MB
-
Sample
241207-dhmr5asmfs
-
MD5
c9420e178724864d8be4caa3e0600b89
-
SHA1
0a50a13ada835b4f831a4e47d08a9672efe13bfa
-
SHA256
8d74dff63ca291a7a5457b6924722959319ff92d8130954bfd8a816d117e6160
-
SHA512
734081b83a3213906960d9bcd6573218a22721005d7d7e1250f34de2485c49db17a9f27f34f4da33afc6c2db1ebe9be299ce4ba31a6ec20d2a78ec91dda57947
-
SSDEEP
24576:E6zOB+DZ/GGrQi4LMx+62qQ1h6Pui8ls4IDiZhEmsdNl+biFHLDgyB7gm1/rRo4z:E6G+NeI4LMk5qyjTROfdNl+wLDF1k
Static task
static1
Behavioral task
behavioral1
Sample
8d74dff63ca291a7a5457b6924722959319ff92d8130954bfd8a816d117e6160.exe
Resource
win7-20240903-en
Malware Config
Extracted
gcleaner
92.63.197.221
45.91.200.135
Targets
-
-
Target
8d74dff63ca291a7a5457b6924722959319ff92d8130954bfd8a816d117e6160.exe
-
Size
1.9MB
-
MD5
c9420e178724864d8be4caa3e0600b89
-
SHA1
0a50a13ada835b4f831a4e47d08a9672efe13bfa
-
SHA256
8d74dff63ca291a7a5457b6924722959319ff92d8130954bfd8a816d117e6160
-
SHA512
734081b83a3213906960d9bcd6573218a22721005d7d7e1250f34de2485c49db17a9f27f34f4da33afc6c2db1ebe9be299ce4ba31a6ec20d2a78ec91dda57947
-
SSDEEP
24576:E6zOB+DZ/GGrQi4LMx+62qQ1h6Pui8ls4IDiZhEmsdNl+biFHLDgyB7gm1/rRo4z:E6G+NeI4LMk5qyjTROfdNl+wLDF1k
-
Gcleaner family
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-