General
-
Target
APP.exe.zip
-
Size
5.2MB
-
Sample
211023-q4pj3acda6
-
MD5
4f3669edb010f5db21b13a088182b8fe
-
SHA1
892447e55ff7a3ac5d26c573bb8eb4607b41ba1e
-
SHA256
b70b9039ec4b33987a991c5c20729eb3310d7406b8d15161037df3b21fd968bb
-
SHA512
a6c1911bd010c13630b9921fefbfd5a495ed3786e347c208602f25bd9e8f49be28d6711a971bd74f87f303bd312862fea730483045fd4b74410c76e9fbe59ea7
Static task
static1
Behavioral task
behavioral1
Sample
APP.exe
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
APP.exe
Resource
win10-en-20211014
Malware Config
Targets
-
-
Target
APP.exe
-
Size
5.2MB
-
MD5
a0b4d2c96937104bcffd21ce69885a59
-
SHA1
6cda6e2bee6d67a5f407e4d7e96af9d76bfa7c79
-
SHA256
72cb50e5791e1fcb11d24bc4cff3b44379a529c5549fbf6f500adcd67bfe9139
-
SHA512
17b1b4de1bddb7f357744ace07509481e80eb8a63fa9c39ee00ecd7eba3b03611eb0e2329e88e20b05e8a2655fa67a7b699c8455c1fa9aebeba4384151ae2ee0
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Modifies Installed Components in the registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-