General
-
Target
73e8b8b48a312fb73bf31d822161a4dfda993449cc46a28bce67e11812f0b8da.exe
-
Size
499KB
-
Sample
210810-f8rbn6fnyj
-
MD5
69120890e2512fa35d4bcce24f94458e
-
SHA1
fb5286025a0696365b7092eb08c8c071459d656b
-
SHA256
73e8b8b48a312fb73bf31d822161a4dfda993449cc46a28bce67e11812f0b8da
-
SHA512
142eb54e5ada6d3c67b79edc8170ce4606afa5906ce1aa32341f32c0c765e5404cea769ed712c7eb5f2e68f500340ebf39d0e21c02ca2599c2ccbacab154ea10
Static task
static1
Behavioral task
behavioral1
Sample
73e8b8b48a312fb73bf31d822161a4dfda993449cc46a28bce67e11812f0b8da.exe
Resource
win7v20210410
Malware Config
Targets
-
Target
73e8b8b48a312fb73bf31d822161a4dfda993449cc46a28bce67e11812f0b8da.exe
-
Modifies firewall policy service
-
suricata: ET MALWARE Win32/Neurevt.A/Betabot Check-in 4
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-