General
Target: iebwvjjvih
Size: 10.6MB
Sample: 220712-hbrvqafacn
MD5: 825bf79bf5ea0fc0bd1ec248d247647d
SHA1: 01183ae1bfc3cf4c43312b45b8de227e949dee32
SHA256: 78f5872d9cee1fdebd7700529958935ae07e7ee79872ff169601fad5964e1efe
SHA512: 70be186a258ae6429c20398f981bec4695ae9a595ac7c11c41b9e4d335cd1453e7beddbf4e291ac91d9d119427b474c8db4d481d935399b28e1780161ab7dfbf
Static task: static1
Behavioral task: behavioral1
  Sample: iebwvjjvih.dll
  Resource: win7-20220414-en
Behavioral task: behavioral2
  Sample: iebwvjjvih.dll
  Resource: win10v2004-20220414-en
Malware Config
Targets
Target: iebwvjjvih
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger