General
Target: 3c31956dc71c0769395387236c0228a83b420df50a8730785e6a3cc1283fbd5e
Size: 197KB
Sample: 220703-j7l5sabgcn
MD5: 4bc476c37561af1ecf7ee25b9030d168
SHA1: aea35dc1bf75f137455ebb1db437d63a1ddc02ad
SHA256: 3c31956dc71c0769395387236c0228a83b420df50a8730785e6a3cc1283fbd5e
SHA512: 2e5427606788d512f55c9aea0cbee57caeca63ceed2d8853b73138e241c12a4aaa5db6585375a0b949b1c24e0d9577229eb0e8bea4bbc400c0daf1be83f6b2f9
Static task: static1
Behavioral task: behavioral1
Sample: 3c31956dc71c0769395387236c0228a83b420df50a8730785e6a3cc1283fbd5e.exe
Resource: win7-20220414-en
Malware Config
Targets
Modifies firewall policy service
Sets file execution options in registry
Checks BIOS information in registry
    BIOS information is often read in order to detect sandboxing environments.
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger