General
Target: 50fc35e99c24ad4fab37c2bdad31f60a7789b297f261f39d3ba8f1949b71c5cd
Size: 688KB
Sample: 220718-xc71nadcg4
MD5: 009ab396124e8a95257738d28212720a
SHA1: 239fbb1e20337f7dc293efd628a4b7d5b5949396
SHA256: 50fc35e99c24ad4fab37c2bdad31f60a7789b297f261f39d3ba8f1949b71c5cd
SHA512: 22152f29b15482c5dd7f2eb0a828f333140fcf3c9c1513ba58f960adae72bc4f717dd703229a8858407bf05bdba43f728b7502fae18fff0522bde44733a0802a
Static task: static1
Behavioral task: behavioral1
Sample: 50fc35e99c24ad4fab37c2bdad31f60a7789b297f261f39d3ba8f1949b71c5cd.exe
Resource: win7-20220718-en
Behavioral task: behavioral2
Sample: 50fc35e99c24ad4fab37c2bdad31f60a7789b297f261f39d3ba8f1949b71c5cd.exe
Resource: win10v2004-20220718-en
Malware Config
Targets
Target
50fc35e99c24ad4fab37c2bdad31f60a7789b297f261f39d3ba8f1949b71c5cd
- Modifies firewall policy service
- Sets file execution options in registry
- Checks BIOS information in registry. BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
- Suspicious use of NtSetInformationThreadHideFromDebugger