General
-
Target
3dad9b4bab250ac2b613d2976439ba3affc0af117247c152b9fe672ab02b879d
-
Size
327KB
-
Sample
220701-sfy5pshdbl
-
MD5
eab510e11134f46561322a4d9aced505
-
SHA1
1543faad2926152a3f3a43c825795b5bf1f2ecae
-
SHA256
3dad9b4bab250ac2b613d2976439ba3affc0af117247c152b9fe672ab02b879d
-
SHA512
0a05680363bc97fd7768f081ef49f007e7989a62a21dfa42eb63a60b2dfdc7be64a95bf0ca23f801c606fdbfa06394948c165116a79ba5aa076253f584815a40
Static task
static1
Behavioral task
behavioral1
Sample
3dad9b4bab250ac2b613d2976439ba3affc0af117247c152b9fe672ab02b879d.exe
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
3dad9b4bab250ac2b613d2976439ba3affc0af117247c152b9fe672ab02b879d
-
Size
327KB
-
MD5
eab510e11134f46561322a4d9aced505
-
SHA1
1543faad2926152a3f3a43c825795b5bf1f2ecae
-
SHA256
3dad9b4bab250ac2b613d2976439ba3affc0af117247c152b9fe672ab02b879d
-
SHA512
0a05680363bc97fd7768f081ef49f007e7989a62a21dfa42eb63a60b2dfdc7be64a95bf0ca23f801c606fdbfa06394948c165116a79ba5aa076253f584815a40
-
Modifies firewall policy service
-
suricata: ET MALWARE Win32/Neurevt.A/Betabot Check-in 4
suricata: ET MALWARE Win32/Neurevt.A/Betabot Check-in 4
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-