General
Target: 212672b1ca5332272ecf7e523d0edeb8b30367a63ddc50116b420db4bc90580d
Size: 3.4MB
Sample: 220708-r8xxnsghb6
MD5: 462998be85d2a3af3c386dc64fe7b31f
SHA1: eb1e38f70239d217b0b15ca10d73b0ea60c84cf4
SHA256: 212672b1ca5332272ecf7e523d0edeb8b30367a63ddc50116b420db4bc90580d
SHA512: 21af5c9209d4b1c252f9214330a712ea265c5f20008093c06f22a51d6284e9c8d2b5aa7285c2c1203509681d4f01aedc61bb6bacf60c6f3b8f815e5298f3d259

Static task: static1

Behavioral task: behavioral1
Sample: 212672b1ca5332272ecf7e523d0edeb8b30367a63ddc50116b420db4bc90580d.exe
Resource: win7-20220414-en
Malware Config
Targets
Target: 212672b1ca5332272ecf7e523d0edeb8b30367a63ddc50116b420db4bc90580d

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger