General
-
Target
ba9e8e95489f6de5529ccd9577a65ac5decaf52900d206ca72d715e8fa4bb918
-
Size
4.0MB
-
Sample
220625-g7b9gabfc2
-
MD5
40e6a0021744f9d32a8522aef538c47a
-
SHA1
0096c40005e4f19a12f8588357bb512a2cae38a6
-
SHA256
ba9e8e95489f6de5529ccd9577a65ac5decaf52900d206ca72d715e8fa4bb918
-
SHA512
5ef067b26eded45b914f0786622224d95c1e22db45dd998b376356e5e981f4d190a0f5a49365ca9ac8b8fcf45edd68350cc10a08fd1cd317d6d295cbfb986377
Static task
static1
Behavioral task
behavioral1
Sample
ba9e8e95489f6de5529ccd9577a65ac5decaf52900d206ca72d715e8fa4bb918.exe
Resource
win7-20220414-en
Malware Config
Extracted
oski
ratienoinino.pw
Targets
-
-
Target
ba9e8e95489f6de5529ccd9577a65ac5decaf52900d206ca72d715e8fa4bb918
-
Size
4.0MB
-
MD5
40e6a0021744f9d32a8522aef538c47a
-
SHA1
0096c40005e4f19a12f8588357bb512a2cae38a6
-
SHA256
ba9e8e95489f6de5529ccd9577a65ac5decaf52900d206ca72d715e8fa4bb918
-
SHA512
5ef067b26eded45b914f0786622224d95c1e22db45dd998b376356e5e981f4d190a0f5a49365ca9ac8b8fcf45edd68350cc10a08fd1cd317d6d295cbfb986377
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-