General
- Target: 8CE0B787ADB620218110DC79B3043045.fil
- Size: 7.8MB
- Sample: 220208-1ra61sfda5
- MD5: 8ce0b787adb620218110dc79b3043045
- SHA1: e79787710f4661eb02f6f408d0e2d7707e8f4395
- SHA256: 9d83407d96e73e7fa042dc1c0d80c9de04ef22621c14a712b552ebc34e119919
- SHA512: c6924db3a4f92e75ff8a7d5bc032447164491fac9714ad45dd0ecd9f6c7372e4804dff9a6851d8810b91675fdeac3760dc1a1cbd3031a21a9d3b152f13e728fd
Static task: static1
Behavioral task: behavioral1
- Sample: 8CE0B787ADB620218110DC79B3043045.dll
- Resource: win7-en-20211208
Malware Config
Targets
- Target: 8CE0B787ADB620218110DC79B3043045.fil
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger