General
- Target: bf6b7c2d9e35525f679075bae5219cc6
- Size: 846KB
- Sample: 210728-1vq3lkahsa
- MD5: bf6b7c2d9e35525f679075bae5219cc6
- SHA1: d5443425dfbe68dcf9b7925a4acaa900a2564759
- SHA256: 6d444fc9baf9b6d7bd7cd76a73297d3a597378b67a722631d2b75582fde2c81e
- SHA512: 452acfaa452276666104c544aff2184e2a497de55caa0eeae9387c0a24b778f0b613164935fc58af3b212e065d838bcfc10618bae5b0fe76263d275c5e9b8ae6
Static task: static1

Behavioral task: behavioral1
- Sample: bf6b7c2d9e35525f679075bae5219cc6.exe
- Resource: win7v20210410
Malware Config

Targets
- Target: bf6b7c2d9e35525f679075bae5219cc6
- Size: 846KB
- MD5: bf6b7c2d9e35525f679075bae5219cc6
- SHA1: d5443425dfbe68dcf9b7925a4acaa900a2564759
- SHA256: 6d444fc9baf9b6d7bd7cd76a73297d3a597378b67a722631d2b75582fde2c81e
- SHA512: 452acfaa452276666104c544aff2184e2a497de55caa0eeae9387c0a24b778f0b613164935fc58af3b212e065d838bcfc10618bae5b0fe76263d275c5e9b8ae6

- Downloads MZ/PE file
- Executes dropped EXE
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext