General
Target: 705579fe27ec8c933219e9b2f12d668b7d1c1f2d255269dfc02298a6012ee386
Size: 4.6MB
Sample: 220708-h8mx2ahbc4
MD5: c9bc7bbeee37b3e6680d347f22a9730e
SHA1: dfb05eb9aab756cabf19b29fef31ed610511db6b
SHA256: 705579fe27ec8c933219e9b2f12d668b7d1c1f2d255269dfc02298a6012ee386
SHA512: 2c89ff4bb44b4da9d66d516e2a2a526781cf6328810170a3247b81a2c0f59566ae7240b3adbce978993a748365e057582d348f0cfa5e0be8fb6f10753b4a69ff
Static task: static1
Behavioral task: behavioral1
Sample: 705579fe27ec8c933219e9b2f12d668b7d1c1f2d255269dfc02298a6012ee386.exe
Resource: win7-20220414-en
Malware Config
Targets
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of NtSetInformationThreadHideFromDebugger