General
Target: 54dbfdb9c79902b7c4d8e912e23208076551e14c9bb3531f4ff2486df390ef8c
Size: 659KB
Sample: 220725-wdngzaghd9
MD5: 21656ef176bee004042a3439b37d4159
SHA1: 1e8b981b43a753a8fadd68138a46544ea860488e
SHA256: 54dbfdb9c79902b7c4d8e912e23208076551e14c9bb3531f4ff2486df390ef8c
SHA512: f58560d20650335dfb9382f0400b6ffe2c37788385e55188342a581814f7ac24fef29bd95107dfbe307828b7c4cc40f5668d0abba187d9ca36b9f9498ecc1cfe
Static task: static1
Behavioral task: behavioral1
Sample: 54dbfdb9c79902b7c4d8e912e23208076551e14c9bb3531f4ff2486df390ef8c.exe
Resource: win7-20220718-en
Behavioral task: behavioral2
Sample: 54dbfdb9c79902b7c4d8e912e23208076551e14c9bb3531f4ff2486df390ef8c.exe
Resource: win10v2004-20220722-en
Malware Config
Targets
- Modifies firewall policy service
- Sets file execution options in registry
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
- Suspicious use of NtSetInformationThreadHideFromDebugger