General
Target: 4a68f0ad3c0758aeae9675c4b62260922a0f09cdfd5721bfd25fbf12b00db614
Size: 9.2MB
Sample: 220621-kz2e6segg7
MD5: 1a515d2f5cadf1adf6ef13625777f9cb
SHA1: 5633963055415e954fda91653d172084cc32af19
SHA256: 4a68f0ad3c0758aeae9675c4b62260922a0f09cdfd5721bfd25fbf12b00db614
SHA512: fafce093d869d2405b08289c7b24b8f92d7a1c8ecc5adf55d48efdbdc67c43dc8cc8855f84f60212220eac377b550e00e10e10aebbf8dd38c88764ffc5ff430c
Static task: static1
Behavioral task: behavioral1
Sample: 4a68f0ad3c0758aeae9675c4b62260922a0f09cdfd5721bfd25fbf12b00db614.dll
Resource: win7-20220414-en
Malware Config
Targets
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger