General
-
Target
b8931e787497efcd1306a1b86529f1d930084650fd6c38fd7051bc167b02e6fb
-
Size
1.2MB
-
Sample
220119-sr8hhsbag7
-
MD5
600c20e18834769dc0ae528c69108a5d
-
SHA1
743b942a951d381c0e3efc1fac3e2f09740769c2
-
SHA256
b8931e787497efcd1306a1b86529f1d930084650fd6c38fd7051bc167b02e6fb
-
SHA512
36079c25f17ce81de7ebe8b3225421191ba73c1f7a9cf049c7bbc818f8b2b5c157e279dc8e2aeb3d5addb93e233768792ad52a2e75218d55ddfeaf46e30e20ec
Static task
static1
Behavioral task
behavioral1
Sample
b8931e787497efcd1306a1b86529f1d930084650fd6c38fd7051bc167b02e6fb.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
Target
b8931e787497efcd1306a1b86529f1d930084650fd6c38fd7051bc167b02e6fb
-
Score
10/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Downloads MZ/PE file
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-