General
Target: c7fcb975f0573e18e1985821f57707eb797a14091295d7acfa10324376dd99f0
Size: 4.6MB
Sample: 220521-16l7tsdff2
MD5: 9a51cf21590842cbacc6d6c1de9d2020
SHA1: 5ce69d2529442c59b38120434ed0ccc2ec537846
SHA256: c7fcb975f0573e18e1985821f57707eb797a14091295d7acfa10324376dd99f0
SHA512: 4b63510b674878168b53e6bc958321cbc94fb29323c8dafb3c7331547d22bee7e11de8281b0255a233fac4f8f43e726190c95beff861be4edbc99940bb4161cb
Static task
static1
Behavioral task
behavioral1
Sample
c7fcb975f0573e18e1985821f57707eb797a14091295d7acfa10324376dd99f0.exe
Resource
win7-20220414-en
Malware Config
Targets
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger