General
Target: 15c4436deb5fc30241abaa1b024170bff09055a6a32cf34e5713530bfcc7d2ba
Size: 271KB
Sample: 220520-qmch6sdfb3
MD5: e2e7426aba2725a5f2d735810d9ba6e5
SHA1: 30cca53069a91dc108f39f66e5d546c60a7c8570
SHA256: 15c4436deb5fc30241abaa1b024170bff09055a6a32cf34e5713530bfcc7d2ba
SHA512: 80231baed83d5d31f959c1e5c365d8acb19c9df4e2ebe05034b5041f0eb2d618a8db83003d3bc0977d14aee0d6a91c1901dd0e7379f628cb432ac463e76a7cc1
Static task: static1
Behavioral task: behavioral1
Sample: dm_2020-08-04_12-34.exe
Resource: win7-20220414-en
Malware Config
Targets
Target: dm_2020-08-04_12-34.exe
Size: 378KB
MD5: 055eab630948751fea12dea70af602c2
SHA1: 58e3c687b83b5fac9e5a7f65745b8171832ec7ae
SHA256: 6327c2d28925dd4680b13585501e34181fc4beefaeb08040d1c10fc91a16f0a3
SHA512: 0a2d90c4d6e0e974ff5c84a856b807fa53b1361f18428758e2afafc7069f759f6715adf63b14258686f5b19a5fe6b89048046d83d957f720393c9b9c066186a5
Modifies firewall policy service
Sets file execution options in registry
Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger