General
Target: modest-menu.exe
Size: 11.5MB
Sample: 220723-2xypyahehn
MD5: 3930ab52a2e6f4b0b371421cd3e509b9
SHA1: 907013d0f905adc305caf0251c164db528eb596e
SHA256: 71296bb15128fe1039a0566b746afaee20092fd8b575322536ec97725a9da9cd
SHA512: a6d8ed3dc52422b0f486e6ea4f87a414461ec0a04dc5257bdc7341362b4f141331f1eac5b5ce52c6c532450b188e87383944808153134a2e144660b5cfd9130e

Behavioral task: behavioral1
Sample: modest-menu.exe
Resource: win7-20220718-en

Malware Config

Targets
Target: modest-menu.exe

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger