General
- Target: 0fca673bb346dcda20aa59e1de49dee4e3aace600d97c1f66bf4f20f74213451
- Size: 487KB
- Sample: 220124-gq4x6adbf7
- MD5: 87dc59b71474d2018f267953eec4e304
- SHA1: 144f9c66a1f86b5f8d025df187a3ce9d4cb7bd75
- SHA256: 0fca673bb346dcda20aa59e1de49dee4e3aace600d97c1f66bf4f20f74213451
- SHA512: 191a7c23e3d634e3c14d747db21d8aba3179a015f61e2d3ecc2cce3386e952f05c5284d26033fc3d98a5fe3f0555be1da533abbddab37131a3f9ea0c007b4281
Static task: static1
Behavioral task: behavioral1
Sample: 0fca673bb346dcda20aa59e1de49dee4e3aace600d97c1f66bf4f20f74213451.exe
Resource: win7-en-20211208
Malware Config
Targets
- Target: 0fca673bb346dcda20aa59e1de49dee4e3aace600d97c1f66bf4f20f74213451
- Modifies firewall policy service
- Executes dropped EXE
- Sets file execution options in registry
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of NtSetInformationThreadHideFromDebugger