General
-
Target
cfba16fa9aa7fdc7b744b2832ef65558d8d9934171f0d6e902e7a423d800b50f
-
Size
2.4MB
-
Sample
220521-x4bfrschb5
-
MD5
cd9f18209f2d8ef60e8199662b2ea120
-
SHA1
bbf36d27902a379ae5e204babde0cb330934a6cc
-
SHA256
cfba16fa9aa7fdc7b744b2832ef65558d8d9934171f0d6e902e7a423d800b50f
-
SHA512
621d3d82f04aebb6cf4ffc7e012ddfc05c1bd677eb3b018a8b37bec6812762d2b6617bcb7c9af4fe235a43219b1b20aeb84e677cd3899840c4a24ce548b70586
Static task
static1
Behavioral task
behavioral1
Sample
cfba16fa9aa7fdc7b744b2832ef65558d8d9934171f0d6e902e7a423d800b50f.dll
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
cfba16fa9aa7fdc7b744b2832ef65558d8d9934171f0d6e902e7a423d800b50f
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-