General
Target
cac7126c0c86261c4633d646c73f3ea103a8101f15e7b8c0f3d8a02f5c822e23
Size
1.9MB
Sample
220723-16dkpahchn
MD5
18f73fa21237158988b72e1652b746c9
SHA1
94f66d4b66eec3f384c300f8e3890cb52505f07f
SHA256
cac7126c0c86261c4633d646c73f3ea103a8101f15e7b8c0f3d8a02f5c822e23
SHA512
b0e7ac2ef98fdc36100543f3678238111cf351bf130f75de02c9ff3909c9c26d94ad75380cfacfc1bce32e26b792fab9cafea0f9edaae95be47efa7620454561
Behavioral task
behavioral1
Sample
cac7126c0c86261c4633d646c73f3ea103a8101f15e7b8c0f3d8a02f5c822e23.exe
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
cac7126c0c86261c4633d646c73f3ea103a8101f15e7b8c0f3d8a02f5c822e23.exe
Resource
win10-20220718-en
Malware Config
Targets
Score 9/10
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger