General
-
Target
2583b86afc2edbd36516fa207c6d8646
-
Size
3.1MB
-
Sample
220617-xqb55sfee7
-
MD5
2583b86afc2edbd36516fa207c6d8646
-
SHA1
710c31523ba20d61e001be4c09810adf08af8978
-
SHA256
b55e5d9ac18a8d5cc43f4cdc8046865fa97237073c8cc6ab5bd5e4ad1e63df2f
-
SHA512
42cae1d004c50110e53051e0d831c45def6e2ad9fe6f0ba1c1bb07ceea0c9de4ed3735927ff0c640ea9b3159419b2603fd765fc11ff96f91ce9ea8970907190d
Static task
static1
Behavioral task
behavioral1
Sample
2583b86afc2edbd36516fa207c6d8646.exe
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
2583b86afc2edbd36516fa207c6d8646
-
Size
3.1MB
-
MD5
2583b86afc2edbd36516fa207c6d8646
-
SHA1
710c31523ba20d61e001be4c09810adf08af8978
-
SHA256
b55e5d9ac18a8d5cc43f4cdc8046865fa97237073c8cc6ab5bd5e4ad1e63df2f
-
SHA512
42cae1d004c50110e53051e0d831c45def6e2ad9fe6f0ba1c1bb07ceea0c9de4ed3735927ff0c640ea9b3159419b2603fd765fc11ff96f91ce9ea8970907190d
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-