General

Target: dcc7c3fc757b992731630939a716b64d5e6a2bb88682f16f97bac36868acc11c
Size: 2.6MB
Sample: 220111-a39kvaegg9
MD5: a86839f5f0e168c50c86047348374353
SHA1: 89ed03d68b95a7664c85a49d099d7d019cee79ad
SHA256: dcc7c3fc757b992731630939a716b64d5e6a2bb88682f16f97bac36868acc11c
SHA512: 61868f307f8d3e9249c6085f8c16f08161d44df3dc94ed8f3cd3c152c4cb7d199c860bf446c4693426c2bef3bc6c5f2c9378b3a8fb9a5f109e594855d3d08ee9
Static task: static1
Malware Config
Targets

Target: dcc7c3fc757b992731630939a716b64d5e6a2bb88682f16f97bac36868acc11c
Size: 2.6MB
MD5: a86839f5f0e168c50c86047348374353
SHA1: 89ed03d68b95a7664c85a49d099d7d019cee79ad
SHA256: dcc7c3fc757b992731630939a716b64d5e6a2bb88682f16f97bac36868acc11c
SHA512: 61868f307f8d3e9249c6085f8c16f08161d44df3dc94ed8f3cd3c152c4cb7d199c860bf446c4693426c2bef3bc6c5f2c9378b3a8fb9a5f109e594855d3d08ee9
Signatures

- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  VirtualBox publishes its ACPI tables with the OEM ID "VBOX__", which Windows mirrors as registry subkeys such as HKLM\HARDWARE\ACPI\DSDT\VBOX__ (likewise under FADT and RSDT). Those keys exist only inside a VirtualBox guest, so a single RegOpenKey on them is a cheap VM check; the sample most likely changes behaviour or exits when it finds them.
- Executes dropped EXE
  The sample writes a second executable to disk and runs it, so the dropped file, not only the submitted one, needs to be recovered and analysed.
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments. Values such as SystemBiosVersion, SystemBiosDate and VideoBiosVersion under HKLM\HARDWARE\DESCRIPTION\System carry the hypervisor vendor's strings on an unmodified VM.
- Suspicious use of NtSetInformationThreadHideFromDebugger
  Calling NtSetInformationThread with the ThreadHideFromDebugger information class (0x11) stops the kernel from delivering that thread's debug events to an attached debugger, a common anti-debugging trick; breakpoints in the hidden thread silently kill the process instead of stopping in the debugger.
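The three anti-analysis signatures above, implemented as a small classifier over sandbox event lines, as an added example that is not part of the Triage report or of the sample itself. The event lines, their Procmon-like format and the stock-VirtualBox registry data are constructed for illustration; the registry paths and the 0x11 information class are the real ones the signatures refer to. It also shows the check from the other side: which BIOS values on your own analysis VM would let the sample fingerprint it.

```python
"""Added example: score sandbox events against the anti-analysis behaviours
listed in the report. Not part of the Triage report or of the sample; the event
lines and the VirtualBox registry data below are constructed for illustration."""
import re
from collections import Counter
from typing import Dict, List, Optional

# VirtualBox publishes its ACPI tables with OEM ID "VBOX__", which Windows
# mirrors under HKLM\HARDWARE\ACPI\<table>\VBOX__. These keys only exist in a
# VirtualBox guest, so opening them is a one-call VM check.
ACPI_VBOX_RE = re.compile(r"\\HARDWARE\\ACPI\\(DSDT|FADT|RSDT|SSDT)\\VBOX__", re.I)

# Firmware strings under HKLM\HARDWARE\DESCRIPTION\System that carry the
# hypervisor vendor name on a stock VM.
BIOS_INFO_RE = re.compile(
    r"\\HARDWARE\\DESCRIPTION\\System\\(SystemBiosVersion|SystemBiosDate|VideoBiosVersion)\b",
    re.I,
)

# THREADINFOCLASS ThreadHideFromDebugger; after this call the kernel stops
# reporting the thread's debug events to an attached debugger.
THREAD_HIDE_FROM_DEBUGGER = 0x11

# Substrings that give VirtualBox away inside BIOS/ACPI strings.
VBOX_MARKERS = ("VBOX", "VIRTUALBOX", "INNOTEK")

# Constructed events in a Procmon / API-monitor-like "Operation Path Result" form.
SAMPLE_EVENTS = [
    r"RegOpenKey HKLM\HARDWARE\ACPI\DSDT\VBOX__ SUCCESS",
    r"RegOpenKey HKLM\HARDWARE\ACPI\FADT\VBOX__ NAME NOT FOUND",
    r"RegQueryValue HKLM\HARDWARE\DESCRIPTION\System\SystemBiosVersion SUCCESS",
    r"RegQueryValue HKLM\HARDWARE\DESCRIPTION\System\VideoBiosVersion SUCCESS",
    r"RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir SUCCESS",
    "NtSetInformationThread ThreadHandle=0xfffffffe ThreadInformationClass=0x11 Length=0",
    "NtSetInformationThread ThreadHandle=0x1a4 ThreadInformationClass=0x9 Length=4",
]

# Constructed to resemble the registry data of an unmodified VirtualBox guest.
STOCK_VBOX_VALUES = {
    "SystemBiosVersion": "VBOX   - 1",
    "VideoBiosVersion": "Oracle VM VirtualBox Version 6.1.30 VGA BIOS",
    "SystemBiosDate": "12/01/06",
}


def classify_event(event: str) -> Optional[str]:
    """Map one event line to the report signature it supports, or None."""
    op, _, rest = event.partition(" ")
    if op in ("RegOpenKey", "RegQueryValue", "RegEnumKey"):
        # A failed open counts too: NAME NOT FOUND on \VBOX__ is exactly what
        # the sample wants to see before it decides it runs on real hardware.
        if ACPI_VBOX_RE.search(rest):
            return "Identifies VirtualBox via ACPI registry values"
        if BIOS_INFO_RE.search(rest):
            return "Checks BIOS information in registry"
    elif op == "NtSetInformationThread":
        m = re.search(r"ThreadInformationClass=(0x[0-9a-fA-F]+|\d+)", rest)
        if m and int(m.group(1), 0) == THREAD_HIDE_FROM_DEBUGGER:
            return "Suspicious use of NtSetInformationThreadHideFromDebugger"
    return None


def triage(events: List[str]) -> Dict[str, int]:
    """Count how many events support each signature."""
    return dict(Counter(tag for tag in map(classify_event, events) if tag))


def virtualbox_leaks(values: Dict[str, str]) -> List[str]:
    """Names of BIOS registry values whose data reveals VirtualBox.

    Run this against your own analysis VM before detonation: every name it
    returns is a value the sample can read to fingerprint the sandbox.
    """
    return [name for name, data in values.items()
            if any(marker in data.upper() for marker in VBOX_MARKERS)]


if __name__ == "__main__":
    for sig, n in triage(SAMPLE_EVENTS).items():
        print(f"{n}x {sig}")
    print("VM leaks:", virtualbox_leaks(STOCK_VBOX_VALUES))
```

The failed FADT\VBOX__ open is counted on purpose: the sample's intent is visible in the lookup, not in its result, and a hardened VM that has renamed the keys will still produce the NAME NOT FOUND event. Any value name returned by `virtualbox_leaks` is one to patch (or shadow with a bare-metal-looking string) before the next detonation.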