General
Target: 19271a21eecc6fd0a2c0057ea715e9b8f81c53d2052239e3ee25a8893b5d95e7
Size: 39.3MB
Sample: 220721-mv42lsehb4
MD5: a9eb0ced20bd86d51bb02f2ba9d4a3fd
SHA1: 1036c06b86135ad9eca7502b8259e29822ba6555
SHA256: 19271a21eecc6fd0a2c0057ea715e9b8f81c53d2052239e3ee25a8893b5d95e7
SHA512: 8641ed1cd50f750d3e40a959536e015ea44b902d4d9bc3370ee3f554ee6b42ffbebe50c54a3c313ae88125d0eac63c98b0c94311cdfd72874df636ee19c260b8
Behavioral task: behavioral1
Sample: 19271a21eecc6fd0a2c0057ea715e9b8f81c53d2052239e3ee25a8893b5d95e7.exe
Resource: win7-20220718-en
Malware Config
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger