General
Target: a6741e55a5e91be6e8d2c8b70857829b11556c5865990055fb49d8978e643fc5
Size: 2.2MB
Sample: 220708-r7pvnseeep
MD5: 6a2a6a7e27fe3151c2af49a4e4de9915
SHA1: 769cedf745dc2eb30f520905e3d476422e3a43ce
SHA256: a6741e55a5e91be6e8d2c8b70857829b11556c5865990055fb49d8978e643fc5
SHA512: e40acae93c353f8a1fa1a7cd893897c8bc9d7cf7d06d304156d4b9e2829790d1a89c756d7cbaee50066886c1e0480cbd8a28f5d8a836d467d2bc4bacb6bb381e
Static task: static1
Behavioral task: behavioral1
Sample: a6741e55a5e91be6e8d2c8b70857829b11556c5865990055fb49d8978e643fc5.exe
Resource: win7-20220414-en
Malware Config
Targets
Target: a6741e55a5e91be6e8d2c8b70857829b11556c5865990055fb49d8978e643fc5
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger