General
Target: ada74d03bb2c9571e97761b052fcd71f6833afc08493800a91e4c10cdeaaaf68
Size: 2.7MB
Sample: 220625-kx9c1agbg8
MD5: 77ecc1dad9f2ed9d3196c31d9e33e34e
SHA1: eecd0e92538e31a9b7001609a3b25e4ff102593e
SHA256: ada74d03bb2c9571e97761b052fcd71f6833afc08493800a91e4c10cdeaaaf68
SHA512: 8318727f3ba21bf1b3fea46862f20902d8273550c35e640da12298a1d3bbc28d84413a1a52f95ae1a844f2eeb55ca91caa60cf8d90b26e798d02784357493b51
Static task: static1
Behavioral task: behavioral1
Sample: ada74d03bb2c9571e97761b052fcd71f6833afc08493800a91e4c10cdeaaaf68.exe
Resource: win7-20220414-en
Malware Config
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Executes dropped EXE
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Drops startup file
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger