General
Target: 1c02a87dc806fc74d06f77aad34c3d77f1a6f62aaf387e23c5576ee509c330dd
Size: 3.3MB
Sample: 220208-e5dy6sdcdq
MD5: f2343615c2cc5b73ac545ed9e8b5cbb5
SHA1: c035d0e8d0ea08fcf46516a424cd3a5fdc118d88
SHA256: 1c02a87dc806fc74d06f77aad34c3d77f1a6f62aaf387e23c5576ee509c330dd
SHA512: 110e72dfd3e7d96090d21db504359b12a2c4a7fa4e29c761b4b87ed4343d257023506776d53cb91e1d1e121865c04e82f087b7126992931db08995427ea69e44
Static task: static1
Behavioral task: behavioral1
Sample: 1c02a87dc806fc74d06f77aad34c3d77f1a6f62aaf387e23c5576ee509c330dd.exe
Resource: win7-en-20211208
Malware Config
Targets
Target: 1c02a87dc806fc74d06f77aad34c3d77f1a6f62aaf387e23c5576ee509c330dd
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Executes dropped EXE
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Drops startup file
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger