General
-
Target
44ed5d5cca129bc8113743eab6b7a009d28df50263e2fa4651f627f96b9fa3a7
-
Size
1.5MB
-
Sample
220707-waz2lafcd2
-
MD5
a09d99fd7cc3cbe58926d3b778bca583
-
SHA1
312fef65abc31074f8e1a923c4d68c8dcc67b50c
-
SHA256
44ed5d5cca129bc8113743eab6b7a009d28df50263e2fa4651f627f96b9fa3a7
-
SHA512
85f580487a99c1cd89156d381f78c4f7318ac5ff3e0ee9c19b94d9e646dddecf16cf01c6425cffda40545c5a4588749d1feb7e13c8e7969bc783a0e3caede9ab
Static task
static1
Behavioral task
behavioral1
Sample
44ed5d5cca129bc8113743eab6b7a009d28df50263e2fa4651f627f96b9fa3a7.exe
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
44ed5d5cca129bc8113743eab6b7a009d28df50263e2fa4651f627f96b9fa3a7
-
Size
1.5MB
-
MD5
a09d99fd7cc3cbe58926d3b778bca583
-
SHA1
312fef65abc31074f8e1a923c4d68c8dcc67b50c
-
SHA256
44ed5d5cca129bc8113743eab6b7a009d28df50263e2fa4651f627f96b9fa3a7
-
SHA512
85f580487a99c1cd89156d381f78c4f7318ac5ff3e0ee9c19b94d9e646dddecf16cf01c6425cffda40545c5a4588749d1feb7e13c8e7969bc783a0e3caede9ab
-
Modifies firewall policy service
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-