General
Target: 3943281b88b1c4d3afabc6f0db027b3933a0b3dcf22c13bd37103fa33d851d13
Size: 461KB
Sample: 220124-f3zzascfd6
MD5: ffc3fd7dd91f9a8033b0de2db261241a
SHA1: 2723f90f3edba93dae72c1be8f4fb22a945e52e7
SHA256: 3943281b88b1c4d3afabc6f0db027b3933a0b3dcf22c13bd37103fa33d851d13
SHA512: ba20323aa4dbc5f08b9fe36e452bed96ff2b34ba092037c570cadf6f10fe43c25f54e15990fa4e0cd6cabe528fee025afc4d94f1940cebc5f4c2902b3c5c21a2
Static task: static1
Behavioral task: behavioral1
  Sample: NEW ORDER AND SPECIFICATION.exe
  Resource: win7-en-20211208
Behavioral task: behavioral2
  Sample: NEW ORDER AND SPECIFICATION.exe
  Resource: win10-en-20211208
Malware Config
Targets
Target: NEW ORDER AND SPECIFICATION.exe
Size: 487KB
MD5: 1704410a710dbcf99cbff188d796c3a1
SHA1: beaf7a7c3296dc9920d13c70f98f27104d1b5fa2
SHA256: 68c40a2d26a20a9599e62882b776e4e7c67bbab8dff52c0102cfda21df1c08c3
SHA512: 7681a0ba0d5e8bc51911ab871373706dc6b3ed84484cce506fce995e79551f06d25859ae1089a67cd51ee748b347cea22cd6878e52c3796b52a68f15991e5a93
- Modifies firewall policy service
- Sets file execution options in registry
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of NtSetInformationThreadHideFromDebugger