General
Target: f2930620f8d2059149b284d2a04990d8cbc6690f
Size: 3.6MB
Sample: 220711-nrf12sgfhp
MD5: 741f7fd6af800ba69ccc3d4255da8ddd
SHA1: f2930620f8d2059149b284d2a04990d8cbc6690f
SHA256: 50d68a1b46f0ff39819073c387dd61d47f45965ebe1cdff323954d94692510e5
SHA512: 22a3da0fbc1ae353a80243083977e64eacd47458b984af6ae659444dfdc070ba728be8a4dd7f68f37bcb3ab1b260ea99b4b1492a21d12f0a125319f746b28059

Static task: static1

Behavioral task: behavioral1
Sample: f2930620f8d2059149b284d2a04990d8cbc6690f.dll
Resource: win7-20220414-en
Malware Config
Targets
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger