General
Target: 63ba59b6c377f04840f8234f341a028ec170a952535136e69577beec9357f3e8
Size: 9.0MB
Sample: 220628-phwktabbf3
MD5: a4dd634510df494b08635fecbe77b116
SHA1: 9b8a645b75574d45c0de24a3d5fcca20c081a91d
SHA256: 63ba59b6c377f04840f8234f341a028ec170a952535136e69577beec9357f3e8
SHA512: 446a8378121df58606aed8e7a4a4994fcb08761f76170b429bae1a0b96eb54dd38be66f12ac22e9a5d829c0ef6d463fe1d53b1b5c90f6c298d731bc809da22a8
Static task: static1
Behavioral task: behavioral1
Sample: 63ba59b6c377f04840f8234f341a028ec170a952535136e69577beec9357f3e8.dll
Resource: win7-20220414-en
Malware Config
Targets
Target: 63ba59b6c377f04840f8234f341a028ec170a952535136e69577beec9357f3e8
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger