General
-
Target
45fa0aed1db052d2dc31f3d3b1696908f33dd542f76fefbd5774746d64e5f648
-
Size
308KB
-
Sample
220707-l9lcdaceek
-
MD5
43328dc39cc24500c5d4b9b735f08332
-
SHA1
9755de1f71e5fe30b8e9b9b9fb4d9302a4b847ab
-
SHA256
45fa0aed1db052d2dc31f3d3b1696908f33dd542f76fefbd5774746d64e5f648
-
SHA512
7c214746fe0d9cecc774324b9ffc13217bd91fbfe3c66cc1a9ec4002d7b8dce1e8e03921a64e01f406cf00f65d21d2f6678aa1c27d2f1d4b3cdb6c77219db08c
Static task
static1
Behavioral task
behavioral1
Sample
45fa0aed1db052d2dc31f3d3b1696908f33dd542f76fefbd5774746d64e5f648.exe
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
45fa0aed1db052d2dc31f3d3b1696908f33dd542f76fefbd5774746d64e5f648
-
Modifies firewall policy service
-
suricata: ET MALWARE Win32/Neurevt.A/Betabot Check-in 4
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-