General
Target: aspack.dll
Size: 8.1MB
Sample: 220708-p1sa4scfap
MD5: 1f168d3537686da20347b7eff489b0e8
SHA1: f8aa5b2fd542e20aaabd12ec2cded5fee3c66dfc
SHA256: d18b87265e2ed41cfb4f725b3ee23c82aadfc4c3e701351a1a60f26486b920ff
SHA512: e0be5c5c16203ea95eec7b673a0cea6a501b00a0cfdf84e45e39e66ccfccf5fb1489e4cb7434b07061dff00d3a701c64abb8e07ad20c9d88523117da0b0810f9
Static task: static1
Behavioral task: behavioral1
Sample: aspack.dll
Resource: win7-20220414-en
Malware Config
Targets
Target: aspack.dll
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
Suspicious use of NtSetInformationThreadHideFromDebugger