General
-
Target
69a94137bf10488dd980bc600b3735c8.exe
-
Size
1.9MB
-
Sample
241220-shbgesypbp
-
MD5
69a94137bf10488dd980bc600b3735c8
-
SHA1
da3d908540863d0466fb2d7acab950afaf47d75e
-
SHA256
b53ffd4fc8c3b8759852c9742c3e26b4e3b8ba115ca15229a235db74f59a82db
-
SHA512
2c4737d12aaf57967b0ed3aa224b6e836fa4adc25438ebd795cdb1204e4357f24ab5872bb9d8d47ef34f8083e0dd48e34fb3d53498cf50c8fdd48e36c22a81bf
-
SSDEEP
49152:UW5o5ReXPEz6R3AJBquFqmJI9JiKHMyrGT7gDUcqCchec:UWsRaPK6xAJBqxmJqJhHxG7g4rCk
Static task
static1
Behavioral task
behavioral1
Sample
69a94137bf10488dd980bc600b3735c8.exe
Resource
win7-20241010-en
Malware Config
Targets
-
-
Target
69a94137bf10488dd980bc600b3735c8.exe
-
Size
1.9MB
-
MD5
69a94137bf10488dd980bc600b3735c8
-
SHA1
da3d908540863d0466fb2d7acab950afaf47d75e
-
SHA256
b53ffd4fc8c3b8759852c9742c3e26b4e3b8ba115ca15229a235db74f59a82db
-
SHA512
2c4737d12aaf57967b0ed3aa224b6e836fa4adc25438ebd795cdb1204e4357f24ab5872bb9d8d47ef34f8083e0dd48e34fb3d53498cf50c8fdd48e36c22a81bf
-
SSDEEP
49152:UW5o5ReXPEz6R3AJBquFqmJI9JiKHMyrGT7gDUcqCchec:UWsRaPK6xAJBqxmJqJhHxG7g4rCk
-
Gcleaner family
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Downloads MZ/PE file
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-