General
-
Target
c32fd7c62aab99cc4728af00fc88314eb353e8ed927b25518a8cf8aae6ee294d
-
Size
1.2MB
-
Sample
220520-3vvqyacdgr
-
MD5
31c3cb3c4bc98a2df80a310478d22bff
-
SHA1
c622ccdf8eef6119cbc334449244ad5197a1a4f1
-
SHA256
c32fd7c62aab99cc4728af00fc88314eb353e8ed927b25518a8cf8aae6ee294d
-
SHA512
59f2e28a5ec52fa26dde41b57c061035d788cefbcb39e8a5659be322e55603d3369de68d3cd5448b11064ca428ddfb5e7cdadf51ad8d7be765bd153bc325d032
Static task
static1
Behavioral task
behavioral1
Sample
SHIPING_.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
SHIPING_.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
SHIPING_.EXE
-
Size
324KB
-
MD5
ba845238a18fce703027ff6ead54d39d
-
SHA1
b4330999fa833f70c8043d356141619a12888833
-
SHA256
76fd32c94282886e069385963dae1a78eaaac41d2f124d7311476a344ebd8e49
-
SHA512
b35fc1dac8c036f530ce427fee622e36a224ebf7be2f861a16ac21fd6a57678410487374c783d47e5602dba03f59b771a1afeff143dfaf39dcc0231c2050af9a
Score9/10-
Looks for VirtualBox Guest Additions in registry
-
Looks for VMWare Tools registry key
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-