General
- Target: file.exe
- Size: 1.9MB
- Sample: 241213-lr7gwstrgx
- MD5: 2e164f8eb316718ae1c48ed84e05dc9f
- SHA1: 653b1c1598a62782b58e52dd3f2c53355aad94fa
- SHA256: 323426e01a17e9974e2c710c0708a7232d250a2a7aa815ee7fdfac5f634af0e2
- SHA512: 4c47f3284fb5220338700b8a86892184fc9956844dd041a88b47d35ebabbb4a70a3922158f02c3f40e594a74f70e6c1f929750404a2b09240535ed7d91dce4a4
- SSDEEP: 24576:FZjVHfyt/9PRZ9j7d8t0Dls0wnohMQbqzXRqv2ZkA/35YZrPJlGmvrjynr4aAgiH:FZ9G9tfd40adoijcv6WflG4Dnr
Static task: static1
Behavioral task: behavioral1
- Sample: file.exe
- Resource: win7-20240903-en
Malware Config
Targets
- Target: file.exe
- Size: 1.9MB
- Gcleaner family
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Downloads MZ/PE file
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys: Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger