General
Target: 3f1d2e8d5d89e82cf02d96ac0bb2a219a12eac2f3aa6b1ada0ec072c8222dec8
Size: 290KB
Sample: 220701-c52n5agfap
MD5: c6111156b395f3e7da625a7022e65510
SHA1: bbafe2de1510525ca60232df6f0b470d5ca57fa9
SHA256: 3f1d2e8d5d89e82cf02d96ac0bb2a219a12eac2f3aa6b1ada0ec072c8222dec8
SHA512: 2fba768d40f1f67194b794a60e249cc4b335048d37b5e66ac8ab0e0e9773cbc417cf14367716b51fa0c98e75b2b39fc4cab2d44b1fe70c735de8be22adba6dd2
Static task: static1
Behavioral task: behavioral1
Sample: 3f1d2e8d5d89e82cf02d96ac0bb2a219a12eac2f3aa6b1ada0ec072c8222dec8.exe
Resource: win7-20220414-en
Malware Config
Targets
Modifies firewall policy service
Sets file execution options in registry
Checks BIOS information in registry
    BIOS information is often read in order to detect sandboxing environments.
Loads dropped DLL
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext