Analysis
-
max time kernel
1792s
-
max time network
1797s
-
platform
windows10-2004_x64
-
resource
win10v2004-20220414-en
-
submitted
28-06-2022 16:06
Static task
static1
Behavioral task
behavioral1
Sample
2fa8d3ac3480b45a945dc7be90083bf61c29850acd8bb4a6d2f5a07728b16752.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
2fa8d3ac3480b45a945dc7be90083bf61c29850acd8bb4a6d2f5a07728b16752.exe
Resource
win10v2004-20220414-en
General
-
Target
2fa8d3ac3480b45a945dc7be90083bf61c29850acd8bb4a6d2f5a07728b16752.exe
-
Size
216KB
-
MD5
6eb8865bf055ba30cc9e2843f16ee461
-
SHA1
cde4ef3081071abd18f434b00195fba5a05b4fe0
-
SHA256
2fa8d3ac3480b45a945dc7be90083bf61c29850acd8bb4a6d2f5a07728b16752
-
SHA512
2a0d71adaf446e1c7a98b5720e9b1b29b986c9095b94500ac55b2d3cbbb52e768bee1edcd66ef7dd416ccff19c70e1158ab5e50112a972d7d1a6cf89e1f283b7
Malware Config
Signatures
-
suricata: ET MALWARE Possible Zeus GameOver/FluBot Related DGA NXDOMAIN Responses
-
Checks BIOS information in registry 2 TTPs 1 IoCs
BIOS information is often read in order to detect sandboxing environments.
Processes:
2fa8d3ac3480b45a945dc7be90083bf61c29850acd8bb4a6d2f5a07728b16752.exe
description
Key value queried
ioc
\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion
process
2fa8d3ac3480b45a945dc7be90083bf61c29850acd8bb4a6d2f5a07728b16752.exe