General
-
Target
c0a2a3708516a321ad2fd68400bef6a3b302af54d6533b5cce6c67b4e13b87d3
-
Size
2.4MB
-
Sample
220521-x381mschb3
-
MD5
6d990709823d9c5c258dad3c0c00507c
-
SHA1
350a757b21495fd552f306be278ac4d27e222c7a
-
SHA256
c0a2a3708516a321ad2fd68400bef6a3b302af54d6533b5cce6c67b4e13b87d3
-
SHA512
78773a3adae22b928421d1afa9953d776263ec251f007a0772758429482b7f969be6e44f19b574e672d66e5d7c39ad7f22266e4e910ac6452a00d8f8b8c36b33
Static task
static1
Behavioral task
behavioral1
Sample
c0a2a3708516a321ad2fd68400bef6a3b302af54d6533b5cce6c67b4e13b87d3.dll
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
c0a2a3708516a321ad2fd68400bef6a3b302af54d6533b5cce6c67b4e13b87d3
-
Size
2.4MB
-
MD5
6d990709823d9c5c258dad3c0c00507c
-
SHA1
350a757b21495fd552f306be278ac4d27e222c7a
-
SHA256
c0a2a3708516a321ad2fd68400bef6a3b302af54d6533b5cce6c67b4e13b87d3
-
SHA512
78773a3adae22b928421d1afa9953d776263ec251f007a0772758429482b7f969be6e44f19b574e672d66e5d7c39ad7f22266e4e910ac6452a00d8f8b8c36b33
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-