General
-
Target
edfc85ba889f72aa942fb12cd05664f15898db5c93d6f44f177e09a3990cd06a
-
Size
1.9MB
-
Sample
220724-16bfbsacd2
-
MD5
f1652e3ed08e855c196507b001b22c76
-
SHA1
83c5b113042a8f077ec7f84baa0a94511a72072d
-
SHA256
edfc85ba889f72aa942fb12cd05664f15898db5c93d6f44f177e09a3990cd06a
-
SHA512
923ffa8310be31762fe942ddb092b58203b2da1673050f71c2b6058ad63850b7fbbf187bea8d461fe103c599a6c29360c90b9a7619d09fab03679c7efd6bd903
Behavioral task
behavioral1
Sample
edfc85ba889f72aa942fb12cd05664f15898db5c93d6f44f177e09a3990cd06a.exe
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
edfc85ba889f72aa942fb12cd05664f15898db5c93d6f44f177e09a3990cd06a.exe
Resource
win10-20220718-en
Malware Config
Targets
-
-
Target
edfc85ba889f72aa942fb12cd05664f15898db5c93d6f44f177e09a3990cd06a
-
Size
1.9MB
-
MD5
f1652e3ed08e855c196507b001b22c76
-
SHA1
83c5b113042a8f077ec7f84baa0a94511a72072d
-
SHA256
edfc85ba889f72aa942fb12cd05664f15898db5c93d6f44f177e09a3990cd06a
-
SHA512
923ffa8310be31762fe942ddb092b58203b2da1673050f71c2b6058ad63850b7fbbf187bea8d461fe103c599a6c29360c90b9a7619d09fab03679c7efd6bd903
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-