General
-
Target
G-00923 SCHEMATIC DRAWING.exe
-
Size
394KB
-
Sample
201009-azdjh3x2as
-
MD5
b11bd28d54e471b569bf6a7c3667314b
-
SHA1
86a1f4a6dacfb53c209ec2c083b78927b9817386
-
SHA256
48ee79a7379d43d060969a9909836f4b3236c55ec551d1b33dd97c1c35f57a59
-
SHA512
9b4bae35e16a4effe56592d00d8633ee456a48164787440e71fd9da8bb973f2389b1e328cf3370012bba361fdb8977f1edf23056425b197126b4c96667683f35
Static task
static1
Behavioral task
behavioral1
Sample
G-00923 SCHEMATIC DRAWING.exe
Resource
win7
Malware Config
Targets
Target
G-00923 SCHEMATIC DRAWING.exe
Modifies firewall policy service
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of NtSetInformationThreadHideFromDebugger