General
-
Target
3403923f1a151466a81c2c7a1fda617b7fbb43b1b8b0325e26e30ed06b6eb936
-
Size
2.4MB
-
Sample
220521-x4e4ysgafm
-
MD5
7a35502a5df5334c0ffde46303b1f56d
-
SHA1
5729508b725b7add8d2158aee2d0a3bc18a7a38a
-
SHA256
3403923f1a151466a81c2c7a1fda617b7fbb43b1b8b0325e26e30ed06b6eb936
-
SHA512
a460bc541f0b68ba5c5ddbea3f78e1e933c50a119baaba3b753ef44bf1e40802b88cd97205ae064c18dcfebb7d79a7acdf769c1327962a6b90d35fa9047d4ed7
Static task
static1
Behavioral task
behavioral1
Sample
3403923f1a151466a81c2c7a1fda617b7fbb43b1b8b0325e26e30ed06b6eb936.dll
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
3403923f1a151466a81c2c7a1fda617b7fbb43b1b8b0325e26e30ed06b6eb936
-
Size
2.4MB
-
MD5
7a35502a5df5334c0ffde46303b1f56d
-
SHA1
5729508b725b7add8d2158aee2d0a3bc18a7a38a
-
SHA256
3403923f1a151466a81c2c7a1fda617b7fbb43b1b8b0325e26e30ed06b6eb936
-
SHA512
a460bc541f0b68ba5c5ddbea3f78e1e933c50a119baaba3b753ef44bf1e40802b88cd97205ae064c18dcfebb7d79a7acdf769c1327962a6b90d35fa9047d4ed7
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-