General
-
Target
d005a8cf301819a46ecbb1d1e5db0bf87951808d141ada5e13ffc4b68155a112
-
Size
2.4MB
-
Sample
220521-x4f19agafn
-
MD5
178b3301656b43e46678fbbda58e9af7
-
SHA1
83a951b61a9bd2ec003a4004d13023368d1c8d55
-
SHA256
d005a8cf301819a46ecbb1d1e5db0bf87951808d141ada5e13ffc4b68155a112
-
SHA512
1f8d19dc85164375c22e3ebcf357ad6666c4ccac0b75006cd4bfd7824d3273ba4e3c67ffd1bc2cd261d640da2f5812e2b509f728f1fb771de42f65742a18de0e
Static task
static1
Behavioral task
behavioral1
Sample
d005a8cf301819a46ecbb1d1e5db0bf87951808d141ada5e13ffc4b68155a112.dll
Resource
win7-20220414-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-