General
Target: 308c02df24ac0d5cf1ae21bff85ab88df85397bdfb5c041d0dbedcfc57143305
Size: 5.4MB
Sample: 220621-dyerfscec4
MD5: f352e78be2638e2a09c21a277d0e3a08
SHA1: 9b971cbc10640f4c3df9349d066ca4ee39883ea3
SHA256: 308c02df24ac0d5cf1ae21bff85ab88df85397bdfb5c041d0dbedcfc57143305
SHA512: 388ef9ea7b79456cb0dcb511ba2afae5583dee9b2e4267e2ddc35a0f5f55345e0ffa4e8ad44de152421c496ab7aae5ba7073f5811fb759394ebeb58015d256e5
Static task: static1
Behavioral task: behavioral1
Sample: 308c02df24ac0d5cf1ae21bff85ab88df85397bdfb5c041d0dbedcfc57143305.exe
Resource: win7-20220414-en
Malware Config
Targets
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger