General
Target: 5994170951041024.zip
Size: 1.0MB
Sample: 210809-4n181jwhhj
MD5: 29d4d910e33b2c141ab86f4a2048454f
SHA1: f0d4cc8202c4cc2e1d58c6cb654a0d1919e533c6
SHA256: 9a68f76e256898529baa7f02461b87acd24075b0717c36d99efba4e244b65ef2
SHA512: fb4df208eb867c91d244f4649118ac8e14a109ff5e7efb047a44b5ed3d49923c6022cddf331a3de5e0faeaac2d429fb61ad63db1de0a03cf5c1c950d0912325a
Static task: static1
Behavioral task: behavioral1
Sample: 4ab4899a6b0f33e7e04867c61bb2f3564ed6fde325d75871f75543adf99d71ce.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: 4ab4899a6b0f33e7e04867c61bb2f3564ed6fde325d75871f75543adf99d71ce.exe
Resource: win10v20210408
Malware Config
Extracted
oski
12345678987654321.link
Targets
Target: 4ab4899a6b0f33e7e04867c61bb2f3564ed6fde325d75871f75543adf99d71ce
Size: 1.7MB
MD5: 6972fe73b5e81cb52e0472ff6617b3a9
SHA1: d3adbcd45ea322f4d813540bdadd9989c274b18d
SHA256: 4ab4899a6b0f33e7e04867c61bb2f3564ed6fde325d75871f75543adf99d71ce
SHA512: 38e84ba8d8d39987bedafbe71a16b933a17a43938c1a4fc5994f18d212c5c553c0eec4640bad5233dcd3b72a285458781202f62d99d5df4171f1fddd64813f63
Score: 10/10
Executes dropped EXE
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
Loads dropped DLL
Suspicious use of SetThreadContext