General
- Target: 9f228c5a911cfdfa203a80d8b82b7f79138962ff8bf2d8e190c4c57d5e77e3e4
- Size: 1.3MB
- Sample: 220724-zbswfsfdd6
- MD5: f9065fe7114201c9bc8715bf5a438330
- SHA1: 4be47f97e0d5f016f126014a101f8d6b3a34f8af
- SHA256: 9f228c5a911cfdfa203a80d8b82b7f79138962ff8bf2d8e190c4c57d5e77e3e4
- SHA512: 39c118606ebb0f38f4dff41788b2fb6e9b1d76f8068c283636d0e701082d4faa686e286105cb9cf791d8172b24f02dcba83d36e8d823bdbbdfd256a2ab3181e6
Static task: static1
Behavioral task: behavioral1
Sample: 9f228c5a911cfdfa203a80d8b82b7f79138962ff8bf2d8e190c4c57d5e77e3e4.exe
Resource: win7-20220718-en
Malware Config
Targets
- Target: 9f228c5a911cfdfa203a80d8b82b7f79138962ff8bf2d8e190c4c57d5e77e3e4
- Modifies firewall policy service
- Sets file execution options in registry
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext