General

Target: 1278.zip
Size: 8.8MB
Sample: 220701-j7t6dsbegq
MD5: c8d1057de6cd36d2a6243295cfbadc62
SHA1: aa3386ae82e3266291c334492d5b2fae7f8aee46
SHA256: b8749ac28143dabcfb7ce189d505859fe74d33a55618e76972fba4ebdc50435e
SHA512: 96a2b4a005856c93877ee099539c37304b20b492761e64a3533f790b8dc0ce88e6a0bbca1597d073414016be155d73eac4e40f03b4adc7d1e0c09a9d54d0a032

Static task: static1

Behavioral task: behavioral1
Sample: bp6i681627o3978tmwuggg.exe
Resource: win7-20220414-en

Behavioral task: behavioral2
Sample: bp6i681627o3978tmwuggg.exe
Resource: win10v2004-20220414-en

Behavioral task: behavioral3
Sample: pwkxmpqtpc.dll
Resource: win7-20220414-en

Malware Config
Targets

Target: bp6i681627o3978tmwuggg
Size: 884KB
MD5: 4685811c853ceaebc991c3a8406694bf
SHA1: 9cd382eb91bfea5782dd09f589a31b47c2c2b53e
SHA256: 3242e0a736ef8ac90430a9f272ff30a81e2afc146fcb84a25c6e56e8192791e4
SHA512: a504fbca674f15d8964ebc6fac11d9431d700ca22736c00d5bb1e51551b0d2b9e4b2b6824bdf1a778111a0ba8d2601eada2f726b9ec7a9cfa5a53fd43c235b46
Score: 1/10

Target: pwkxmpqtpc.vjr
Size: 14.8MB
MD5: 92efc14aa81e78a75d0ec57cb5807c5d
SHA1: c1301afc869509bc6b71a19edfeb8e82776b8bc0
SHA256: 817e0007386c685b1ca38fd9957310e9e34e30c664f6da65a9b5943009af8087
SHA512: 75a36405df5928a8a4dad148b184e573ee0c3f7c0c9cf1571b8f6222872323f015b6bca07d3134c32b87a6efde3c2b0a9b75897273887b0dd9fef5ce4b2928fa

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger