General
-
Target
235044f58c801955ed496f8c84712fdb353fdd9b6fda91886262234bdb710614
-
Size
2.4MB
-
Sample
220521-x4g9bachb8
-
MD5
5fba3cbc31c7b28b763817636f2b1a38
-
SHA1
992ee97e64491206e829ba40377f5a9878008414
-
SHA256
235044f58c801955ed496f8c84712fdb353fdd9b6fda91886262234bdb710614
-
SHA512
752d4aacd5482c38b1385ca0746c88bf857110bd79ec23add069b1520b792b612e1ec94a1914eeddeaed0c3d0e04db3a64744c5d734cf53f4fdf41d40b1580e6
Static task
static1
Behavioral task
behavioral1
Sample
235044f58c801955ed496f8c84712fdb353fdd9b6fda91886262234bdb710614.dll
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
235044f58c801955ed496f8c84712fdb353fdd9b6fda91886262234bdb710614
-
Size
2.4MB
-
MD5
5fba3cbc31c7b28b763817636f2b1a38
-
SHA1
992ee97e64491206e829ba40377f5a9878008414
-
SHA256
235044f58c801955ed496f8c84712fdb353fdd9b6fda91886262234bdb710614
-
SHA512
752d4aacd5482c38b1385ca0746c88bf857110bd79ec23add069b1520b792b612e1ec94a1914eeddeaed0c3d0e04db3a64744c5d734cf53f4fdf41d40b1580e6
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-