General
Target: rcffjegiiinnwpebfbgtp.exe
Size: 14.8MB
Sample: 220520-2hxt4afdc6
MD5: 4b56ac2187b958bdc5cd33e677d3d48a
SHA1: 8de5a8dbebbad452a9ff96f07e7970193e746386
SHA256: c7cf2cb175bcc0e3a3a322987c6582e404756c8187424fdc0e9a315305a06870
SHA512: c1f6b1a6704b8267a07a51ab168ffad4247641322e3eca43786683007725c6d81a609eb9c629b3fd847ab3664617713751e10a83b314e832f0a9a7b155f8dc24
Static task: static1
Behavioral task: behavioral1
  Sample: rcffjegiiinnwpebfbgtp.exe
  Resource: win7-20220414-en
Behavioral task: behavioral2
  Sample: rcffjegiiinnwpebfbgtp.exe
  Resource: win10v2004-20220414-en
Malware Config
Targets
Target: rcffjegiiinnwpebfbgtp.exe
Score: 9/10
Looks for VirtualBox Guest Additions in registry
Downloads MZ/PE file
Looks for VMWare Tools registry key
Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
Drops desktop.ini file(s)
Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.