General
Target: 831cc28c1df7d6d5789844af95749ae2ff44b0f5aae529d252349bb80a559e14
Size: 1.8MB
Sample: 220701-rnaawafghn
MD5: edf310e39806d0574cf8322c2e695800
SHA1: c7f834c31bf263618eec69435175a08ce4dad097
SHA256: 831cc28c1df7d6d5789844af95749ae2ff44b0f5aae529d252349bb80a559e14
SHA512: 04d85d3165dce1bd3c643b4cfa0c771b646d7d22fe13e62211e58d7ecb619d7b6b5b32760baed17be0d42c4b0b170e2aa5cc20628d4df483127b44c5e5b50907
Static task: static1
Behavioral task: behavioral1
Sample: 831cc28c1df7d6d5789844af95749ae2ff44b0f5aae529d252349bb80a559e14.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 831cc28c1df7d6d5789844af95749ae2ff44b0f5aae529d252349bb80a559e14.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Score: 9/10
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Accesses Microsoft Outlook profiles
- Suspicious use of NtSetInformationThreadHideFromDebugger