General
- Target: b22888773d89fc006f8a68ed1b638dd61e13377e045e379147dae163d16fd4f1
- Size: 9.2MB
- Sample: 220707-k7ldxsaebr
- MD5: bd1efe592adc9cfcf247e22255ada2c6
- SHA1: 6f7edcc4d7b30488d1661ecfb37953ed84cfed79
- SHA256: b22888773d89fc006f8a68ed1b638dd61e13377e045e379147dae163d16fd4f1
- SHA512: 8565f6b6ad98c1126fafb019f80c93939036d311e2dc34385d5c3e9994cd519d891c1443b305ae6688c306fdf918408b4ec32a46285775aa86632a452af09a58
Static task
static1
Malware Config
Targets
- Target: b22888773d89fc006f8a68ed1b638dd61e13377e045e379147dae163d16fd4f1
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger