General
-
Target
9f1169888c4c2acd65e79928bb27a686204fa3b622b921a7ee56c7a735924eb6.exe
-
Size
1.9MB
-
Sample
241210-drwfmaxjbm
-
MD5
e96cd9e1c8cbc927c9c445e155d5bd75
-
SHA1
6c8d7a80cb4635fda0f7b799ace942dcd10b3700
-
SHA256
9f1169888c4c2acd65e79928bb27a686204fa3b622b921a7ee56c7a735924eb6
-
SHA512
419cb0650a718f7356335745a64d441d8693c48181692bdfb22da508fa993e93772f5ee89ae5085e5ae3d04f28936b57e12e6704291be6acc45041744ba7f413
-
SSDEEP
49152:eRJRsQKXMvZE4segXYDkhUSmH25YEKuGcFXB:eTRvEfKk+jHKKmF
Static task
static1
Behavioral task
behavioral1
Sample
9f1169888c4c2acd65e79928bb27a686204fa3b622b921a7ee56c7a735924eb6.exe
Resource
win7-20240708-en
Malware Config
Targets
-
-
Target
9f1169888c4c2acd65e79928bb27a686204fa3b622b921a7ee56c7a735924eb6.exe
-
Size
1.9MB
-
MD5
e96cd9e1c8cbc927c9c445e155d5bd75
-
SHA1
6c8d7a80cb4635fda0f7b799ace942dcd10b3700
-
SHA256
9f1169888c4c2acd65e79928bb27a686204fa3b622b921a7ee56c7a735924eb6
-
SHA512
419cb0650a718f7356335745a64d441d8693c48181692bdfb22da508fa993e93772f5ee89ae5085e5ae3d04f28936b57e12e6704291be6acc45041744ba7f413
-
SSDEEP
49152:eRJRsQKXMvZE4segXYDkhUSmH25YEKuGcFXB:eTRvEfKk+jHKKmF
-
Gcleaner family
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Downloads MZ/PE file
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-