General
-
Target
a71b3f06bf87b40b1559fa1d5a8cc3eab4217f317858bce823dd36302412dabc
-
Size
2.4MB
-
Sample
220521-x36khsgaen
-
MD5
152cade991b94b41ab0259fcc4e49339
-
SHA1
750372151b2c9b739701916d2f24b7b017e2107e
-
SHA256
a71b3f06bf87b40b1559fa1d5a8cc3eab4217f317858bce823dd36302412dabc
-
SHA512
c250dd3b5e81cd0fda01a4fd3ee9a716a0d6869406a9d9069ac4e5f090f48c5bb8ac88f85c26d66e4e76c34c61d07da36237257622e83b5aed84f74101b3c89d
Static task
static1
Behavioral task
behavioral1
Sample
a71b3f06bf87b40b1559fa1d5a8cc3eab4217f317858bce823dd36302412dabc.dll
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
a71b3f06bf87b40b1559fa1d5a8cc3eab4217f317858bce823dd36302412dabc
-
Size
2.4MB
-
MD5
152cade991b94b41ab0259fcc4e49339
-
SHA1
750372151b2c9b739701916d2f24b7b017e2107e
-
SHA256
a71b3f06bf87b40b1559fa1d5a8cc3eab4217f317858bce823dd36302412dabc
-
SHA512
c250dd3b5e81cd0fda01a4fd3ee9a716a0d6869406a9d9069ac4e5f090f48c5bb8ac88f85c26d66e4e76c34c61d07da36237257622e83b5aed84f74101b3c89d
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-