General
- Target: 4f335599beaa4792e1946ac5fe2c3c47148b3417bc366a971c038a96a50b022c
- Size: 395KB
- Sample: 220720-sjk29agfa9
- MD5: 067b3fc946d8c430154d7c7648faa5b5
- SHA1: 4731f00dd7b4ec54289ba565ee326341adc8d7fe
- SHA256: 4f335599beaa4792e1946ac5fe2c3c47148b3417bc366a971c038a96a50b022c
- SHA512: f43e632bbfadc896de616f16f890388808e4972c8204b102ac58044865d0e758a0d937ccdff449370554e9baa051764cf20936970679eadcfdb7cf85c20ca330
Static task
static1
Behavioral task
behavioral1
Sample
Propuesta-estrategia.exe
Resource
win7-20220718-en
Malware Config
Targets
- Target: Propuesta-estrategia.exe
- Size: 552KB
- MD5: ff3ead9b3608969b11b467c9a2cc8edd
- SHA1: 4c720661536dae0696d1158a9c732d5e0c7369e4
- SHA256: 5ba70f3254c52fc2b0dbc6520c443d3b4bd0bc593c2aebe1d3f3402ebc9194f0
- SHA512: 58fd80ee0efc7eaf2ec96646ceffc0a8046d7b9908aaa273ac1b06ad239f5b4e91556b692601b073a3b35e68a42be1e720884ac0e8b8998610d4c070203cd311
- Modifies firewall policy service
- Sets file execution options in registry
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
- Suspicious use of NtSetInformationThreadHideFromDebugger