General
- Target: 62b1e737d4d5dc8c.exe
- Size: 3.2MB
- Sample: 211214-hsprpafcd9
- MD5: 857b8efbf5036817578c584fe76ec47c
- SHA1: bccc88b82326b5d2a6a9bc0775e4e458b087e4cb
- SHA256: 492627d77e7bc055de28c655fcda77f8170391faefc77a52fd64e4d979e7b907
- SHA512: b44989d6445c21a3a0ef7bca78c9d99ad9c1a195069e57d0db09b1e99e50aabb59925374306fdad62ddfa17780d52dd6e879cfbcbe495055afd2be1fae261513
Static task
static1
Malware Config
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger