General
-
Target
41e7b169c52c8fb5f12655e024aded045aa2c09b72b8e0125648d1f0dc9a7ae0
-
Size
520KB
-
Sample
220708-etqtlabaf8
-
MD5
81501d955a942bc4b12b6fb1df160a3d
-
SHA1
1787ad490d9fa9aa29ce16b89743a1ba215fa251
-
SHA256
41e7b169c52c8fb5f12655e024aded045aa2c09b72b8e0125648d1f0dc9a7ae0
-
SHA512
1b4a3b95099eb5add4a8c9aad47d380640c95b5a83ee462f60f509575cdd85a6f9e9c4c01d07d6e5c88a9dc58842557133450003f4b1b42e3bb508350126f033
Static task
static1
Behavioral task
behavioral1
Sample
41e7b169c52c8fb5f12655e024aded045aa2c09b72b8e0125648d1f0dc9a7ae0.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
41e7b169c52c8fb5f12655e024aded045aa2c09b72b8e0125648d1f0dc9a7ae0.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
41e7b169c52c8fb5f12655e024aded045aa2c09b72b8e0125648d1f0dc9a7ae0
Modifies firewall policy service
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-