General
Target: 4ea2b60fd43ac25703bfb3b2005ff58a8c89e0104d0aee7eac0021ebb5be1dfc
Size: 279KB
Sample: 220720-vhwtgacae7
MD5: 9131aff420889f55824473c54487a7ad
SHA1: adfe459cffd537795353c78879c2744041c6aefb
SHA256: 4ea2b60fd43ac25703bfb3b2005ff58a8c89e0104d0aee7eac0021ebb5be1dfc
SHA512: dbe765c271886dd22c293d610d93d82265122628d427aef1ff6e44458dd2ad04a436e18363560e3730ea7dbb5574e94ba38366e7ff48f925a375a03ee7c9f82a
Static task: static1
Behavioral task: behavioral1
Sample: 4ea2b60fd43ac25703bfb3b2005ff58a8c89e0104d0aee7eac0021ebb5be1dfc.exe
Resource: win7-20220718-en
Malware Config
Targets
- Modifies firewall policy service
- Sets file execution options in registry
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext