General
-
Target
2de6fb71c1d5ba0cd8d321546c04eaddddbf4a00ce4ef6ca6b7974a2a734a147
-
Size
2.4MB
-
Sample
220521-x35yzscha8
-
MD5
623890489d896bfb39e17ed88f670656
-
SHA1
f5c7eb9f1982e1ba5357e548c5adb8ec6317232e
-
SHA256
2de6fb71c1d5ba0cd8d321546c04eaddddbf4a00ce4ef6ca6b7974a2a734a147
-
SHA512
b8406cca8ac8b07df5138e201b3acbdd9647f03bc06cd5f99b9bb6d223c32885c0c4e5aee97c9b4d3d8cc0500760c125eebb1388c721b8d85d8ba52091a9c213
Static task
static1
Behavioral task
behavioral1
Sample
2de6fb71c1d5ba0cd8d321546c04eaddddbf4a00ce4ef6ca6b7974a2a734a147.dll
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
2de6fb71c1d5ba0cd8d321546c04eaddddbf4a00ce4ef6ca6b7974a2a734a147
-
Size
2.4MB
-
MD5
623890489d896bfb39e17ed88f670656
-
SHA1
f5c7eb9f1982e1ba5357e548c5adb8ec6317232e
-
SHA256
2de6fb71c1d5ba0cd8d321546c04eaddddbf4a00ce4ef6ca6b7974a2a734a147
-
SHA512
b8406cca8ac8b07df5138e201b3acbdd9647f03bc06cd5f99b9bb6d223c32885c0c4e5aee97c9b4d3d8cc0500760c125eebb1388c721b8d85d8ba52091a9c213
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-