General
- Target: 5d3d44cad3c2b99b0c08aa0ee2ecdeb3c514090498a4a4c8f2cf7946143ff853
- Size: 263KB
- Sample: 220520-qwh3baebf7
- MD5: e8363706522342acd3b8016e5c1d42d1
- SHA1: 9f99b309b92eb8ba5f0d2e8c8de8a1c332dbf75c
- SHA256: 5d3d44cad3c2b99b0c08aa0ee2ecdeb3c514090498a4a4c8f2cf7946143ff853
- SHA512: 06eeecea783f3d631ed5be21900486d1f3bf44ef714c1e87fecbf7c70de309c044cadb946be3db842c8d1c467ae077d0355c5222a4f3dedc8c469f16524fbcb5
Static task: static1
Behavioral task: behavioral1
Sample: dm_2020-07-24_08-34.exe
Resource: win7-20220414-en
Malware Config
Targets
- Target: dm_2020-07-24_08-34.exe
- Size: 316KB
- MD5: ca2435bf28a9f678e7f2136cfc52cfcb
- SHA1: 042c3f1f2675d30f3394243db9a1aaeba7e1e87e
- SHA256: 4432dedd4db9c2f1f554cb9fc4317196051ca8dc405231e2bd1bc9845702a872
- SHA512: 786cc02a5453da625e8e4a04aab626993e103f113881f9931b5d6d66ab498a162d9847fed7ff54e116d4c33238d5538878f0489ba82dc554c9cde56e7cd1fd43
- Modifies firewall policy service
- Sets file execution options in registry
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
- Suspicious use of NtSetInformationThreadHideFromDebugger