General
-
Target
w(1).rar
-
Size
4.4MB
-
Sample
240630-y1ybssxenq
-
MD5
de4585713a9369206bbe2d63339fdce3
-
SHA1
0e533e5e1e476b0e454b2a334b8c4475f4defa3a
-
SHA256
2038d335e18e3621f07b054f611a8042a89dae7621248c4db5048c414fbcc19a
-
SHA512
35ab5421b31a5b751347347bddfe8cbf30e6333736c38afa02e757f66a4918d6ccbcac0c0404aae12ac33667e0202a794c3cff99897f44075e58cc58d5dfc6bb
-
SSDEEP
98304:BvAOO00i7P59Xzt2nevBH+IykRrZseietjLwC:BoO3jP59XztTTsoPwC
Behavioral task
behavioral1
Sample
w/Glix.exe
Resource
win11-20240508-en
Behavioral task
behavioral2
Sample
w/cpr.dll
Resource
win11-20240611-en
Behavioral task
behavioral3
Sample
w/libcurl.dll
Resource
win11-20240508-en
Behavioral task
behavioral4
Sample
w/xxhash.dll
Resource
win11-20240611-en
Behavioral task
behavioral5
Sample
w/zlib1.dll
Resource
win11-20240419-en
Behavioral task
behavioral6
Sample
w/zstd.dll
Resource
win11-20240508-en
Malware Config
Targets
-
-
Target
w/Glix.exe
-
Size
3.8MB
-
MD5
045f740def841f8d26ccfbfe817875f9
-
SHA1
db2bdafff4932acca4c7ad606b1d7d4c47d6d0da
-
SHA256
e08cdc72c6a80a83a6ef55e23c4b89095470ef3eab91e99a8a5ff9e1aabf69c3
-
SHA512
d9a3fd84e9338e1b89559bbcb0ff3acc139b555614771e47a62ad9982c9a793c336a9fef82a330b58cd041b1a105eb33b753a2232bcf81d308068e35042a7d5f
-
SSDEEP
98304:bvUzB93cgv7DjQ/uhu1pLVaszNYdHjfdIzsYNIKZrXJcO:Al9cgUOurRasJYdfdIo0I8rXeO
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
w/cpr.dll
-
Size
538KB
-
MD5
11a8d39fbb43da427957e87c0da6422e
-
SHA1
0b6c928ad9010c6665637dbb51718eeb324efd20
-
SHA256
15c04c6b7261984e1a66a08d6ce2ac1b5d353d9709a0b7d79a0ac0f866fc6300
-
SHA512
686575e811af4e4730b726d1a5f7793a8a3518f7adf015bff88dda5ec215488de78d75585405ec0d2d9639964fb8df8c78ab6c4bfd7dd0cf34ad2fc1c6d6820d
-
SSDEEP
3072:3iL5Ia+j82tKqAPKk/k6/LGiGC3FOnrXRLbtxUxUJoXipxaJ6Fae1H7nM/:Y+YR/k6TG7CgBLxxbeXIaJsDH7n0
Score
1/10
-
-
Target
w/libcurl.dll
-
Size
522KB
-
MD5
810069154354544376983e47506ef7de
-
SHA1
36d0b270b3b20ebb68e0671626e5d82d8e60d5ae
-
SHA256
88fceef289646eb8d44a8aa9685a747799d479f72b50d2c7a3a672a66b6742d4
-
SHA512
dd46ef90163e1fa5f124e7757e6e9eb8b9822c51b9d6b5fabda7a3168f4b2c85a904594128dd29a84aaceb20856c1732c0aaed9db80032402e41106a3e5de460
-
SSDEEP
12288:UY7DfTvHmlv4DHQQnbBzXU5obh/Xarj7+9EuG9:UGfjmlv2nnVzX11Xsy9EB9
Score
1/10
-
-
Target
w/xxhash.dll
-
Size
45KB
-
MD5
38a87bff4aea9e595ede175f6b734f8a
-
SHA1
ea0bc25292f730fea597c57a5b105023d5a286a6
-
SHA256
e41c7830b6b26a9215078972657b0d789b74f9befbc30b50057ba0b4fd9539d4
-
SHA512
c44653ddea051f2e776ee5af67d3343405b4083bef4a596c277a2b1e37651e2607e694eb19db819d5ab6ba20cdd3c6435fcf55d2aecf08a978c0a74c33c4167a
-
SSDEEP
768:/9otvM7DZ1LMDJdj+LVvgFlJus4zBYNXK3QDV:/9UEDLMDJxKM0sceXKA
Score
1/10
-
-
Target
w/zlib1.dll
-
Size
87KB
-
MD5
3b5256a2a65c59d4f2d45c28a55996ec
-
SHA1
3fadc1fb82664376b2f255986352594c82c85097
-
SHA256
7eb9e3f677b38e0c34f29d2814b9aa471f242931cfefaa98deed77a1171721a4
-
SHA512
af5be3361267910ee518f262daa48df829b40a922d61c9dd079901cb361fb73b148de46b8067fc43509a750a30a149e9688d4ebdfa4514cd8779198b6c43565b
-
SSDEEP
1536:w7AjHHWMmn17hkzjEpzkEWtR6l9RFIOcIOsbX/FhZZD:wsjH2Mm10jEpA6vRPSsbX/TZZD
Score
1/10
-
-
Target
w/zstd.dll
-
Size
634KB
-
MD5
eb8b280cbdf96296a4d02cdf33c5af07
-
SHA1
5d79020ea116a0fd40e5c97c9a828ac536a61c77
-
SHA256
e375ac00701cced00c6a126da7774c674a5577d02fba54670db67ba5216b9655
-
SHA512
5aceecb6a8b4b4ee13fb6057f591c6c4b56a1148e28927191d2152b48c72462f3bdba734319e463afb141c20b3a134fd518c44a1093ff40485d3674a12119ee4
-
SSDEEP
12288:qilExK/S1adDEh1qMkUFZe8/pJcOAAqqlI:qilEb1adDEh1qMkYZe8/pJxAAllI
Score
1/10