General
-
Target
6327fb3da7680c014e9910fa8d1c012dbc677a2aa487c3ac996079408be7d10b.zip
-
Size
8.6MB
-
Sample
220701-kbamjsddc4
-
MD5
5122a4caaaff263db96e70c6a8925746
-
SHA1
561b3ab5fb171a545f8340782232ab8e44ef75ce
-
SHA256
6327fb3da7680c014e9910fa8d1c012dbc677a2aa487c3ac996079408be7d10b
-
SHA512
9a62bfc0014604b6db12b65fe37bf8904801fb4822f72e228df78de84a9a2ac2e5d5c8da225b00c20eb96500387bede407d27879efde02678d1c4349c02b7b22
Static task
static1
Behavioral task
behavioral1
Sample
d939n2z05etw2y8zec.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
d939n2z05etw2y8zec.exe
Resource
win10v2004-20220414-en
Behavioral task
behavioral3
Sample
fbo3xfp9z41vwe0tzc0jd.dll
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
d939n2z05etw2y8zec
-
Size
884KB
-
MD5
4685811c853ceaebc991c3a8406694bf
-
SHA1
9cd382eb91bfea5782dd09f589a31b47c2c2b53e
-
SHA256
3242e0a736ef8ac90430a9f272ff30a81e2afc146fcb84a25c6e56e8192791e4
-
SHA512
a504fbca674f15d8964ebc6fac11d9431d700ca22736c00d5bb1e51551b0d2b9e4b2b6824bdf1a778111a0ba8d2601eada2f726b9ec7a9cfa5a53fd43c235b46
Score
1/10
-
-
Target
fbo3xfp9z41vwe0tzc0jd
-
Size
8.5MB
-
MD5
ceb7d86b25278e2d828955a398de923c
-
SHA1
21bf41eb81548d5e97ca6e8780f669eb00860d28
-
SHA256
f1f0291aed00e8a997b0e8812f4757abdbd9ba85fd5e98f212b183c9f9c0e849
-
SHA512
7147a8d8d91319b0f1f82043441efe0b2ec4f55fa6ed3cce22851a43f0a3b0a434e41bf5c53b2cd8bbb089bff88c7269d9d1faa2a023308296a5076dd6441274
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-