General
Target: b9b5937a711b635be3eb09c0e174358106797902b4ab925a6825c622e7830e29
Size: 2.6MB
Sample: 220725-sq1raagbdm
MD5: 62bcf3681f7741ac73fbee9b2d2d64cf
SHA1: 2c6cc6a1c7285eef59b8cb79e7086eb6bc7df848
SHA256: b9b5937a711b635be3eb09c0e174358106797902b4ab925a6825c622e7830e29
SHA512: 50426883988854ceea4effe09f308e933f3fd762c0211222c1752a1c8e5580a63e8f324a59ee033416bd5fc7b2bcb8c2bdfb2e88067756a7117aae3e88aeaa8a
Behavioral task: behavioral1
Sample: b9b5937a711b635be3eb09c0e174358106797902b4ab925a6825c622e7830e29.exe
Resource: win7-20220715-en
Malware Config
Targets
Target: b9b5937a711b635be3eb09c0e174358106797902b4ab925a6825c622e7830e29
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Executes dropped EXE
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger