General
Target: 783f9bab0999b921ee53e62c7255a546c44e01e00fad05b3a395b4fbedc8bed6
Size: 530KB
Sample: 201111-5qcek2w9fj
MD5: f73a094b2992b7527413560954fb05a2
SHA1: e62b577e94dc156a1d5f0b276fffd2fb42f48853
SHA256: 783f9bab0999b921ee53e62c7255a546c44e01e00fad05b3a395b4fbedc8bed6
SHA512: 4d0b4fbd893e81cda106fc888f6eb1ebca02e21da40e869d045ca4013d5203d95c017831c2c1c6cba344216232957c645a902dd12d40b61d69ba5c70d50e34f7
Static task: static1
Behavioral task: behavioral1
Sample: 783f9bab0999b921ee53e62c7255a546c44e01e00fad05b3a395b4fbedc8bed6.exe
Resource: win7v20201028
Malware Config
Targets
Target: 783f9bab0999b921ee53e62c7255a546c44e01e00fad05b3a395b4fbedc8bed6 (530KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
- Modifies WinLogon for persistence
- Modifies firewall policy service
- Modifies security service
- Disables RegEdit via registry modification
- Disables Task Manager via registry modification
- Executes dropped EXE
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
- Suspicious use of SetThreadContext