General
- Target: SBESecurityMailSetup.exe
- Size: 10.6MB
- Sample: 220112-n3f57acdg4
- MD5: 94c9aa75fdd8914a74818056d36f546d
- SHA1: d6bc76961125bb6f577aa0e4a5e99bad02a1f511
- SHA256: 394b5e7528c6251123c354f14c9d357d4b0ddb5927d9cb71d00e8f1b84e04827
- SHA512: 6253c5893af99141330123b332a27fb951202e3fc894b718ec4d64b6a666ceb61b0a3ff96421756605bd21c19f7c87530d1c50a40f6acb56cb6120a1005a974a
Static task: static1
Malware Config
Targets
- Target: SBESecurityMailSetup.exe
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Executes dropped EXE
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.