General
Target
b56ebc93a9ac3ccea88ae22132aff8679ffe212ead91708cedc45cf9e86f4dfd
Size
395KB
Sample
220720-sjkfqagfa8
MD5
f7de98eeffb74164d144d69deaa3b589
SHA1
324cf59344fa323915045960792d45afae42741b
SHA256
b56ebc93a9ac3ccea88ae22132aff8679ffe212ead91708cedc45cf9e86f4dfd
SHA512
798d91557bf2ae38436ffefcf979f98f792a88eb889feedca1c8ec5b2fdd5d683687e94e165fe50b230f697c933c34f758c0c5e6a7913ce0a793e9f15d8001d0
Static task
static1
Behavioral task
behavioral1
Sample
Propuesta-estrategia.exe
Resource
win7-20220715-en
Malware Config
Targets
Target
Propuesta-estrategia.exe
Size
552KB
MD5
ff3ead9b3608969b11b467c9a2cc8edd
SHA1
4c720661536dae0696d1158a9c732d5e0c7369e4
SHA256
5ba70f3254c52fc2b0dbc6520c443d3b4bd0bc593c2aebe1d3f3402ebc9194f0
SHA512
58fd80ee0efc7eaf2ec96646ceffc0a8046d7b9908aaa273ac1b06ad239f5b4e91556b692601b073a3b35e68a42be1e720884ac0e8b8998610d4c070203cd311
- Modifies firewall policy service
- Sets file execution options in registry
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
- Suspicious use of NtSetInformationThreadHideFromDebugger