General
Target: e1a51320c982179affb26f417fbbba7e259f819a2721ab9eb0f6d665b6ea1625
Size: 2.4MB
Sample: 220521-x4cntsgafj
MD5: d97fc262c11054add1ba906118b4e7ee
SHA1: 56a6e7c8935945224be7fb0ca899c897456eb5e4
SHA256: e1a51320c982179affb26f417fbbba7e259f819a2721ab9eb0f6d665b6ea1625
SHA512: b99c92fe3d7ea0c8f4003449ed9caf57f746a45ae2b2feef7ed6ca3f796a7b996ec44b6b1b5ca8cf912c406dc8948322b4758d6652a43057a6bccb424be39b08
Static task: static1
Behavioral task: behavioral1
Sample: e1a51320c982179affb26f417fbbba7e259f819a2721ab9eb0f6d665b6ea1625.dll
Resource: win7-20220414-en
Malware Config
Targets
Target: e1a51320c982179affb26f417fbbba7e259f819a2721ab9eb0f6d665b6ea1625
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger