General
-
Target
d0b0fa167a57a05747d2726ada20b157d18f2417e7b08a8953ec6bbbee4b72dd
-
Size
56KB
-
Sample
211124-kz8jgsfea4
-
MD5
bbbdf0137f22c8704de96271aae6ef13
-
SHA1
9dabbf253dcd7f631c6e255a3be3e6951b2d30a1
-
SHA256
d0b0fa167a57a05747d2726ada20b157d18f2417e7b08a8953ec6bbbee4b72dd
-
SHA512
900ce252491570c94cf49c7205efbba6058c78fb1a27af8a348ab78036b6218227c15b9bf4ddc5d7904ea574536447f775f7a63fdf9d3a98948596a7f5bfe004
Static task
static1
Malware Config
Targets
-
Target
d0b0fa167a57a05747d2726ada20b157d18f2417e7b08a8953ec6bbbee4b72dd
-
Looks for VirtualBox Guest Additions in registry
-
Looks for VMware Tools registry key
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-