General
-
Target
17ce8b653c4935b7bdf917bf557196ba7bb1823efdc288b763cbef66076eba3f
-
Size
5.2MB
-
Sample
240630-xszdfswdrn
-
MD5
87ef3527cf7401308dc30288b947e602
-
SHA1
993b93af240488b27d9899afcbe93245d476f29a
-
SHA256
17ce8b653c4935b7bdf917bf557196ba7bb1823efdc288b763cbef66076eba3f
-
SHA512
86e10e250bcf0df6da9347de7117305c633b22e428ce1cf1acd8bb2824d9b0733d6de0ab77877024abbd9162ec9c9771a1a1855a7d1e40ba18f630bce8dd84f9
-
SSDEEP
98304:iEly4+oidoxQyDeSGM6dChKuVnFQVa/+NcEhNDEKv+J9CZpBPImfNE7dqjYPf:iElHmd8DeSGjOXnGurEhhxv+axIkwYq
Static task
static1
Behavioral task
behavioral1
Sample
17ce8b653c4935b7bdf917bf557196ba7bb1823efdc288b763cbef66076eba3f.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
17ce8b653c4935b7bdf917bf557196ba7bb1823efdc288b763cbef66076eba3f.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
17ce8b653c4935b7bdf917bf557196ba7bb1823efdc288b763cbef66076eba3f
-
Size
5.2MB
-
MD5
87ef3527cf7401308dc30288b947e602
-
SHA1
993b93af240488b27d9899afcbe93245d476f29a
-
SHA256
17ce8b653c4935b7bdf917bf557196ba7bb1823efdc288b763cbef66076eba3f
-
SHA512
86e10e250bcf0df6da9347de7117305c633b22e428ce1cf1acd8bb2824d9b0733d6de0ab77877024abbd9162ec9c9771a1a1855a7d1e40ba18f630bce8dd84f9
-
SSDEEP
98304:iEly4+oidoxQyDeSGM6dChKuVnFQVa/+NcEhNDEKv+J9CZpBPImfNE7dqjYPf:iElHmd8DeSGjOXnGurEhhxv+axIkwYq
Score9/10-
Detects executables packed with Dotfuscator
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
UPX dump on OEP (original entry point)
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-