General
Target: a998fb101add80180610610a478bc6f278f1e96f47382387a192cf1439ab4554
Size: 4.8MB
Sample: 220516-16dwfsbhd2
MD5: 563b7ec2b7aeeb861a70f1f3cbd9fcbc
SHA1: 3c9ad9d06b6f44e9c09bf1eb15af433945dcfdbd
SHA256: a998fb101add80180610610a478bc6f278f1e96f47382387a192cf1439ab4554
SHA512: 5137885a0ad19291565b4812e2ee9e0d96e597a02f07848ba7d80b569dacfef01147ee13abe14613195f72bf8dbd735ee8b0912216edbb41c4e596fc5f33eff2
Static task: static1
Behavioral task: behavioral1
Sample: a998fb101add80180610610a478bc6f278f1e96f47382387a192cf1439ab4554.exe
Resource: win7-20220414-en
Malware Config
Targets
Target: a998fb101add80180610610a478bc6f278f1e96f47382387a192cf1439ab4554
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger