General
-
Target
c3757309489b02fcf7c63fab593e8c7e28f51ee08a837e4dd72875406bc83e98
-
Size
310KB
-
Sample
220724-y62leafbh4
-
MD5
adb2bc6fcdf4c4be6d6fc40c2a4fb741
-
SHA1
2079091af6ab817a2ba60b3b2ac85284139bbfba
-
SHA256
c3757309489b02fcf7c63fab593e8c7e28f51ee08a837e4dd72875406bc83e98
-
SHA512
ca34b22a39fc3d708fd7ade90c80dab181aa26b1c9f007390099aa2c799e6f3c36af1f5bb9f9c736caa00959cc334524ac67d8163e1c5c17a1762d94915b2a8e
Static task
static1
Behavioral task
behavioral1
Sample
c3757309489b02fcf7c63fab593e8c7e28f51ee08a837e4dd72875406bc83e98.exe
Resource
win7-20220715-en
Malware Config
Targets
-
-
Target
c3757309489b02fcf7c63fab593e8c7e28f51ee08a837e4dd72875406bc83e98
-
Modifies firewall policy service
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-