General
-
Target
8b58757c429503a45480ae6baa5509b21e55d5c1fe81574871acc9d2edae22c9
-
Size
1.6MB
-
Sample
220722-16a5kaabc5
-
MD5
c037ec35abf70d0367f4a41ae16e7226
-
SHA1
8d3c519235913e0ac5e507fb0b816f9a275d489b
-
SHA256
8b58757c429503a45480ae6baa5509b21e55d5c1fe81574871acc9d2edae22c9
-
SHA512
0986a3b7de0c975a0a867dce71869811466b28378986e4d1fb8a9dd5e178e0082a5f744a580e7012d35c23374c33ff1fd3f659b11f502d1505eb4b7a7ebfe158
Behavioral task
behavioral1
Sample
8b58757c429503a45480ae6baa5509b21e55d5c1fe81574871acc9d2edae22c9.exe
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
8b58757c429503a45480ae6baa5509b21e55d5c1fe81574871acc9d2edae22c9.exe
Resource
win10-20220718-en
Malware Config
Targets
-
-
Target
8b58757c429503a45480ae6baa5509b21e55d5c1fe81574871acc9d2edae22c9
Score
9/10
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-