General
-
Target
412464b25bf136c3780aff5a5a67d9390a0d6a6f852aea0957263fc41e266c8b
-
Size
2.4MB
-
Sample
220521-x34qxscha5
-
MD5
848c93b61daed461ca0b5451c86a5a57
-
SHA1
542253b1d64955af2e90a4c7940a573b0e11359b
-
SHA256
412464b25bf136c3780aff5a5a67d9390a0d6a6f852aea0957263fc41e266c8b
-
SHA512
f1917e83f1ac73c6db13fda68e4888db25f65060ec4c821fe715cff16db91a812d8afc782cbc81fb31c5ecd0e136815b8603e0ecbc4f63f8dc9d7a57c52ab9cd
Static task
static1
Behavioral task
behavioral1
Sample
412464b25bf136c3780aff5a5a67d9390a0d6a6f852aea0957263fc41e266c8b.dll
Resource
win7-20220414-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-