General
-
Target
af54403904ac8e687184e57ff1fddf97a7b9ce196895a7da5262b90d47da915c
-
Size
734KB
-
Sample
220731-fnkk3aacek
-
MD5
7969150b6ec8e1ab8a542d50c985e489
-
SHA1
8f8ab77541b644396b50b447384f6a213b71f353
-
SHA256
af54403904ac8e687184e57ff1fddf97a7b9ce196895a7da5262b90d47da915c
-
SHA512
2cfdecde59f68b5ba3f6ce4b19d129853663da850aface5bdea4572a3686f71877c3f83b566818b17e02fa211b5cd3ff674e22b161cea4427cf862708095f30a
Static task
static1
Behavioral task
behavioral1
Sample
af54403904ac8e687184e57ff1fddf97a7b9ce196895a7da5262b90d47da915c.rtf
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
af54403904ac8e687184e57ff1fddf97a7b9ce196895a7da5262b90d47da915c.rtf
Resource
win10v2004-20220721-en
Malware Config
Targets
-
-
Target
af54403904ac8e687184e57ff1fddf97a7b9ce196895a7da5262b90d47da915c
-
Size
734KB
-
MD5
7969150b6ec8e1ab8a542d50c985e489
-
SHA1
8f8ab77541b644396b50b447384f6a213b71f353
-
SHA256
af54403904ac8e687184e57ff1fddf97a7b9ce196895a7da5262b90d47da915c
-
SHA512
2cfdecde59f68b5ba3f6ce4b19d129853663da850aface5bdea4572a3686f71877c3f83b566818b17e02fa211b5cd3ff674e22b161cea4427cf862708095f30a
-
Modifies firewall policy service
-
Executes dropped EXE
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-