General
-
Target
aeed49c65295513b0254559128415e516ffe4491b4038183965225251e9813b6
-
Size
8.8MB
-
Sample
220521-p5fg4sbhbj
-
MD5
015b22c976fd2a5f65efef1d3b33d01f
-
SHA1
eba467b70f7581d64f18d9c75d878b01a3f572f7
-
SHA256
aeed49c65295513b0254559128415e516ffe4491b4038183965225251e9813b6
-
SHA512
17b4d1433263058de66782b4763f06795ec80ad4886132a6954a294c0a0e0900fec83ce414136951614aa515ec62d6a52f1123f12044fe0cb37a6ed8ba2d6f44
Static task
static1
Behavioral task
behavioral1
Sample
BJEBEL9UBFA2EIDN5GRFS5C09QO1YYW0K19TF9E.dll
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
BJEBEL9UBFA2EIDN5GRFS5C09QO1YYW0K19TF9E.dll
Resource
win10v2004-20220414-en
Behavioral task
behavioral3
Sample
H1ZGRUEJUYOGBIJ307WC4YFDIMZL7OG83UHX.exe
Resource
win7-20220414-en
Behavioral task
behavioral4
Sample
H1ZGRUEJUYOGBIJ307WC4YFDIMZL7OG83UHX.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
Target
BJEBEL9UBFA2EIDN5GRFS5C09QO1YYW0K19TF9E
-
Size
8.5MB
-
MD5
43f089b7855dfe47e1dfe348445b5865
-
SHA1
8b20f11e27be02a8bda40ca9f48603e7adfd76de
-
SHA256
33ffacc3e517f4f1dad47f1ca28d26188e202d5e2e300e1e71bc0a57e682292a
-
SHA512
8a7f7a2dc536849f9452317ace271c398a623be305d74c4c0ea4acbdcb9a314a407d5075fadb41637ef751b1cee517e1df11c9d9f180fd016337f54103fa5fd8
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Target
H1ZGRUEJUYOGBIJ307WC4YFDIMZL7OG83UHX
-
Size
883KB
-
MD5
3d9e621aa8d9d1a97eff65affaee6cc2
-
SHA1
79c2c6e16d566912eb10cca2895539b9adb88cdb
-
SHA256
54e90ef3b2121408e03bb343b70583fe15a2ca24d5d76e8129766dbaa22817c5
-
SHA512
3d2d91393bffb3cfc1b919d5d4fadad1a2daa5d7ae54b0007e6c33af311c3ffb2f1b4e008d016d4043a2a0433e838d940f47bf4a857484878c46dd985c545a55
-
Score
1/10