General
-
Target
24ebc21fbcba3e741fccf8586855c711.exe
-
Size
489KB
-
Sample
200910-tdv3yva1z2
-
MD5
24ebc21fbcba3e741fccf8586855c711
-
SHA1
3104e6dcb1f22ebf25e8d68a69f288ab3f9e7fc7
-
SHA256
c021395bee57f945cfcd348ddc3d589b004c8575afa1718bd9a60774fde7c2a9
-
SHA512
a9ef0e80a14884c94906f7ebf8b526373ef249091ee1cd3e42e98987254e224e8f68e90d4576b565f9faf26fa85341a165fe9245289cacf68de20cf88be51453
Static task
static1
Behavioral task
behavioral1
Sample
24ebc21fbcba3e741fccf8586855c711.exe
Resource
win7
Malware Config
Targets
-
-
Target
24ebc21fbcba3e741fccf8586855c711.exe
-
Modifies firewall policy service
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-