General
-
Target
3e10e2ae32a7f103ad4d6792a6820ef6fa501a71a2cbfe7f7d4450e3b91df91b
-
Size
523KB
-
Sample
220701-qs46daecfl
-
MD5
5466511fc7aab8d572021aecbbb544e1
-
SHA1
fc9057afed652ebdfc643f7daca5b9ece498b6ec
-
SHA256
3e10e2ae32a7f103ad4d6792a6820ef6fa501a71a2cbfe7f7d4450e3b91df91b
-
SHA512
9e380ec3d1df4754199c0ec8fb6c7d775203b61707c1d94c25f44812a5cf796d1fc6916d847d63b97e78e20105de6f18ee1542cf71125afc776790a18f75afbe
Static task
static1
Behavioral task
behavioral1
Sample
3e10e2ae32a7f103ad4d6792a6820ef6fa501a71a2cbfe7f7d4450e3b91df91b.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
3e10e2ae32a7f103ad4d6792a6820ef6fa501a71a2cbfe7f7d4450e3b91df91b.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
3e10e2ae32a7f103ad4d6792a6820ef6fa501a71a2cbfe7f7d4450e3b91df91b
-
Modifies firewall policy service
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-