General
-
Target
54744f07a0392fce45f1b8ab1c0e209342dec263290cbe70d1ff7e1caa9d4680
-
Size
1.3MB
-
Sample
220725-xykggsbdf3
-
MD5
bd7cc66b6c5dcec6388089ae2653ed22
-
SHA1
1a6c37dc95efdfb9d579f7d082d17f3698c67885
-
SHA256
54744f07a0392fce45f1b8ab1c0e209342dec263290cbe70d1ff7e1caa9d4680
-
SHA512
bc2be25537f7f8aa5125c62e81b87f052a1ee87308314a4fee20bf6256e6d0c2b8bd9e51a755806829f95e20861aaad3140d87411f59cefd2a32dd21003e8936
Static task
static1
Behavioral task
behavioral1
Sample
54744f07a0392fce45f1b8ab1c0e209342dec263290cbe70d1ff7e1caa9d4680.exe
Resource
win7-20220718-en
Malware Config
Targets
-
-
Target
54744f07a0392fce45f1b8ab1c0e209342dec263290cbe70d1ff7e1caa9d4680
-
Size
1.3MB
-
MD5
bd7cc66b6c5dcec6388089ae2653ed22
-
SHA1
1a6c37dc95efdfb9d579f7d082d17f3698c67885
-
SHA256
54744f07a0392fce45f1b8ab1c0e209342dec263290cbe70d1ff7e1caa9d4680
-
SHA512
bc2be25537f7f8aa5125c62e81b87f052a1ee87308314a4fee20bf6256e6d0c2b8bd9e51a755806829f95e20861aaad3140d87411f59cefd2a32dd21003e8936
-
Modifies firewall policy service
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-