General
Target: nbigdxqqfu.ncy
Size: 8.4MB
Sample: 220701-kba83sbgep
MD5: 3a2ba549d59aa944f20df5dbbc70827c
SHA1: b6f0863186b3dee82abdd2806a7313645d4908fc
SHA256: 2cea1385ca83dbc79de55e3aca99f02f2f10a46122956d27346bac0cd23dbc76
SHA512: c9c4cad12a64969c5ca678b7d3b328fe1d7ff1e3866daf86f5720ed864169f4660c4143bbc84206bd8a64cc2db1327b094e6d87683bb06702e87c9c87e6f8639
Static task: static1
Behavioral task: behavioral1
Sample: nbigdxqqfu.dll
Resource: win7-20220414-en
Malware Config
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger