General
-
Target
35dcdcfad8597316dd956f96fd78261cc5ef4b86c9483c94e0376884c78c5911
-
Size
197KB
-
Sample
220626-2r72esfea5
-
MD5
ac3d1720ef9b8517cf48e025dbc7a047
-
SHA1
d6cdafb29fd0c03d74a142e764a40022820cde6f
-
SHA256
35dcdcfad8597316dd956f96fd78261cc5ef4b86c9483c94e0376884c78c5911
-
SHA512
f27780c5a6d96c0b101109fe421cbaa2a68141405f82db6de00780c090fa8997c9b4ebeb6a1ff2382c76227b7227fe05c757a3ce3dfab2e01418b21045825ddc
Static task
static1
Behavioral task
behavioral1
Sample
35dcdcfad8597316dd956f96fd78261cc5ef4b86c9483c94e0376884c78c5911.exe
Resource
win7-20220414-en
Malware Config
Targets
-
Target
35dcdcfad8597316dd956f96fd78261cc5ef4b86c9483c94e0376884c78c5911
-
Modifies firewall policy service
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-