General
Target: 8e8df5163854505f60ade3b67cc5739823e3c5f948d4e042574e91689aad3c10
Size: 6.3MB
Sample: 240630-st5jmstbmn
MD5: 317fb5b216f3fe5ae4fa73667984eaf1
SHA1: b9254c70adf6f8cd5be57c4ef1e299c6592e2d78
SHA256: 8e8df5163854505f60ade3b67cc5739823e3c5f948d4e042574e91689aad3c10
SHA512: 36537c8d30432b10da8ac7b64bccbfa21c42860d1aac72f795b4d5dc83db9899a03bb603101ea7db381ea3327c4531bead56279592f09a4fac81e6448b8ef7db
SSDEEP: 196608:OpoSj8peko2IUxn09Svcq3yWPjQIjbteOejKNqHGyIo:OYp3o2BioEqCWPjrjbteOejKNqmO
Static task: static1
Behavioral task: behavioral1
  Sample: 8e8df5163854505f60ade3b67cc5739823e3c5f948d4e042574e91689aad3c10.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 8e8df5163854505f60ade3b67cc5739823e3c5f948d4e042574e91689aad3c10.exe
  Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 8e8df5163854505f60ade3b67cc5739823e3c5f948d4e042574e91689aad3c10
Size: 6.3MB
MD5: 317fb5b216f3fe5ae4fa73667984eaf1
SHA1: b9254c70adf6f8cd5be57c4ef1e299c6592e2d78
SHA256: 8e8df5163854505f60ade3b67cc5739823e3c5f948d4e042574e91689aad3c10
SHA512: 36537c8d30432b10da8ac7b64bccbfa21c42860d1aac72f795b4d5dc83db9899a03bb603101ea7db381ea3327c4531bead56279592f09a4fac81e6448b8ef7db
SSDEEP: 196608:OpoSj8peko2IUxn09Svcq3yWPjQIjbteOejKNqHGyIo:OYp3o2BioEqCWPjrjbteOejKNqmO
Score: 9/10
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  VirtualBox guests expose the hypervisor's ACPI tables under HKLM\HARDWARE\ACPI (DSDT, FADT, RSDT) with the OEM ID VBOX__; querying those keys is a common virtual-machine check.
- Checks BIOS information in registry
  BIOS strings such as SystemBiosVersion and VideoBiosVersion under HKLM\HARDWARE\DESCRIPTION\System are often read in order to detect virtualised sandboxing environments, because on VirtualBox they carry the hypervisor's name.
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications on other operating systems and is used by some sandboxes; the HKCU\Software\Wine key is created by Wine and is not present on a normal Windows installation.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR (the first 512-byte sector of the boot disk, opened on Windows as \\.\PhysicalDrive0) to gain persistence at a level below the operating system.
- Suspicious use of NtSetInformationThreadHideFromDebugger
  Calling NtSetInformationThread with the ThreadHideFromDebugger information class (0x11) stops the thread from reporting debug events to an attached debugger, so breakpoints placed in it never fire; this is a common anti-debugging technique.
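The three registry-based anti-VM signatures above (VirtualBox ACPI keys, BIOS strings, Wine key) all reduce to a handful of registry lookups. The following is an added example, not code from the sandbox or from the sample: it encodes those lookups as an indicator list, evaluates them against a registry snapshot, and on Windows can read the live registry so an analyst can confirm whether their sandbox would be flagged. The registry paths are the documented VirtualBox and Wine artefacts; the snapshot layout and the three sample snapshots are this example's own constructed assumptions.

```python
"""Check a Windows registry snapshot for the VirtualBox and Wine artefacts
that anti-VM code reads.

Added example, not code from the sandbox or the sample. The snapshot
layout and the sample snapshots below are constructed assumptions.
"""
import sys
from typing import Dict, List, Optional, Tuple

# (key path, value name or None when the key's mere existence is the tell,
#  case-insensitive substring expected in that value)
INDICATORS: List[Tuple[str, Optional[str], str]] = [
    (r"HKLM\HARDWARE\ACPI\DSDT\VBOX__", None, ""),   # VirtualBox ACPI OEM ID
    (r"HKLM\HARDWARE\ACPI\FADT\VBOX__", None, ""),
    (r"HKLM\HARDWARE\ACPI\RSDT\VBOX__", None, ""),
    (r"HKLM\HARDWARE\DESCRIPTION\System", "SystemBiosVersion", "VBOX"),
    (r"HKLM\HARDWARE\DESCRIPTION\System", "VideoBiosVersion", "VIRTUALBOX"),
    (r"HKCU\Software\Wine", None, ""),                # created by Wine only
]

# key path -> {value name: value rendered as text}; a present key with no
# values of interest maps to an empty dict.
Snapshot = Dict[str, Dict[str, str]]


def find_indicators(snapshot: Snapshot) -> List[str]:
    """Return a description of every indicator the snapshot satisfies."""
    hits: List[str] = []
    for key, value_name, needle in INDICATORS:
        values = snapshot.get(key)
        if values is None:
            continue                      # key absent: nothing to report
        if value_name is None:
            hits.append(f"key present: {key}")
            continue
        data = values.get(value_name)
        if data is not None and needle.lower() in data.lower():
            hits.append(f"{key}\\{value_name} contains {needle!r}: {data}")
    return hits


def read_live_snapshot() -> Optional[Snapshot]:
    """Build a snapshot from the live registry; None when not on Windows."""
    if sys.platform != "win32":
        return None
    import winreg  # standard library, Windows only
    roots = {"HKLM": winreg.HKEY_LOCAL_MACHINE, "HKCU": winreg.HKEY_CURRENT_USER}
    snapshot: Snapshot = {}
    for key, value_name, _ in INDICATORS:
        root_name, _, subkey = key.partition("\\")
        try:
            with winreg.OpenKey(roots[root_name], subkey) as handle:
                values = snapshot.setdefault(key, {})
                if value_name is not None:
                    data, _ = winreg.QueryValueEx(handle, value_name)
                    # SystemBiosVersion is REG_MULTI_SZ, so join list values
                    values[value_name] = " ".join(data) if isinstance(data, list) else str(data)
        except OSError:
            continue  # key or value absent on this machine
    return snapshot


# Constructed snapshots for offline use (values modelled on typical hosts).
VIRTUALBOX_GUEST: Snapshot = {
    r"HKLM\HARDWARE\ACPI\DSDT\VBOX__": {},
    r"HKLM\HARDWARE\DESCRIPTION\System": {
        "SystemBiosVersion": "VBOX   - 1",
        "VideoBiosVersion": "Oracle VM VirtualBox Version 7.0.18 VGA BIOS",
    },
}
WINE_HOST: Snapshot = {r"HKCU\Software\Wine": {}}
BARE_METAL: Snapshot = {
    r"HKLM\HARDWARE\DESCRIPTION\System": {
        "SystemBiosVersion": "DELL   - 1072009",
        "VideoBiosVersion": "Intel Video BIOS",
    },
}

if __name__ == "__main__":
    for name, snap in (("virtualbox", VIRTUALBOX_GUEST), ("wine", WINE_HOST), ("bare metal", BARE_METAL)):
        print(f"{name}: {find_indicators(snap) or 'no indicators'}")
    live = read_live_snapshot()
    if live is not None:
        print(f"this host: {find_indicators(live) or 'no indicators'}")
```

Run it inside the analysis VM: any hit is an artefact the sample's checks can see, and the usual hardening is to rename or remove the offending keys and values before detonation.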
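For the MBR-write signature, what an analyst wants after detonation is to know whether the boot sector of the sandbox disk actually changed and in which region (bootstrap code, where a bootkit places its loader, versus the partition table). The following is an added example, not code from the sandbox or the sample: a parser for the standard 512-byte MBR layout (446 bytes of bootstrap code, four 16-byte partition entries, 0x55AA signature) and a before/after comparison, with a Windows-only reader for \\.\PhysicalDrive0. The two sectors built at the bottom are constructed test data, not captures from this sample.

```python
"""Parse and compare 512-byte MBR sectors to check whether a sample changed
the boot sector of an analysis machine.

Added example, not code from the sandbox or the sample. The sectors built
below are constructed test data.
"""
import hashlib
import struct
import sys
from typing import Dict, List, Optional

BOOTSTRAP_SIZE = 446
ENTRY_FORMAT = "<B3sB3sII"   # status, CHS start, type, CHS end, LBA start, sector count


def parse_mbr(sector: bytes) -> Dict:
    """Decode the partition table and boot signature of one MBR sector."""
    if len(sector) != 512:
        raise ValueError("an MBR is exactly 512 bytes")
    partitions: List[Dict] = []
    for i in range(4):
        status, _, ptype, _, lba, count = struct.unpack_from(ENTRY_FORMAT, sector, BOOTSTRAP_SIZE + 16 * i)
        if ptype == 0 and count == 0:
            continue                                   # unused slot
        partitions.append({"index": i, "bootable": status == 0x80, "type": ptype,
                           "lba_start": lba, "sectors": count})
    return {
        "signature_ok": sector[510:512] == b"\x55\xAA",
        "bootstrap_sha256": hashlib.sha256(sector[:BOOTSTRAP_SIZE]).hexdigest(),
        "partitions": partitions,
    }


def mbr_diff(before: bytes, after: bytes) -> Dict[str, bool]:
    """Report which regions changed between two sectors of the same disk."""
    return {
        "bootstrap_changed": before[:BOOTSTRAP_SIZE] != after[:BOOTSTRAP_SIZE],
        "partition_table_changed": before[BOOTSTRAP_SIZE:510] != after[BOOTSTRAP_SIZE:510],
        "signature_ok_after": after[510:512] == b"\x55\xAA",
    }


def read_physical_drive0() -> Optional[bytes]:
    """Read the live MBR on Windows (needs administrator); None elsewhere."""
    if sys.platform != "win32":
        return None
    with open(r"\\.\PhysicalDrive0", "rb") as disk:
        return disk.read(512)


def build_sector(bootstrap: bytes, entries: List[bytes]) -> bytes:
    """Assemble a sector from a bootstrap stub and up to four entries."""
    table = b"".join(entries).ljust(64, b"\x00")
    return bootstrap.ljust(BOOTSTRAP_SIZE, b"\x00") + table + b"\x55\xAA"


# Constructed sectors: one bootable NTFS partition (type 0x07) starting at
# LBA 2048 behind a minimal bootstrap prologue (xor ax,ax / mov ss,ax /
# mov sp,0x7c00), then a copy whose first 64 code bytes were overwritten
# while the partition table was left intact, as a bootkit would do.
NTFS_ENTRY = struct.pack(ENTRY_FORMAT, 0x80, b"\x20\x21\x00", 0x07, b"\xfe\xff\xff", 2048, 204800)
CLEAN_MBR = build_sector(b"\x33\xc0\x8e\xd0\xbc\x00\x7c\xfb", [NTFS_ENTRY])
TAMPERED_MBR = b"\xeb\xfe" + b"\x90" * 62 + CLEAN_MBR[64:]

if __name__ == "__main__":
    print(parse_mbr(CLEAN_MBR))
    print(mbr_diff(CLEAN_MBR, TAMPERED_MBR))
    live = read_physical_drive0()
    if live is not None:
        print(parse_mbr(live))
```

In practice, capture the sector with read_physical_drive0() before detonation, save it, and run mbr_diff() against a fresh read afterwards; a changed bootstrap with an unchanged partition table and a still-valid signature is the pattern a bootkit leaves, since it wants the disk to keep booting through its own code.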