General
-
Target
602463257ced1e61f560b0bbfda886d7811b2e5d2f5f9ce21d7fd46df6127cbe
-
Size
653KB
-
Sample
220731-hdzy4schg2
-
MD5
90af9d543bc2b94e1e9b496c9bfaf720
-
SHA1
d907b07a76f9832c393d012f97523e925e1b9eff
-
SHA256
602463257ced1e61f560b0bbfda886d7811b2e5d2f5f9ce21d7fd46df6127cbe
-
SHA512
2d246cf67dc7bf490ff994be57285c3124adda7e3b445fd59bbba3806a8288988c28e7a3dacfe0e106ef87c01790d1f5acb567c79f53bc104ac8917402fc880d
Static task
static1
Behavioral task
behavioral1
Sample
602463257ced1e61f560b0bbfda886d7811b2e5d2f5f9ce21d7fd46df6127cbe.exe
Resource
win7-20220715-en
Behavioral task
behavioral2
Sample
602463257ced1e61f560b0bbfda886d7811b2e5d2f5f9ce21d7fd46df6127cbe.exe
Resource
win10v2004-20220721-en
Malware Config
Targets
-
-
Target
602463257ced1e61f560b0bbfda886d7811b2e5d2f5f9ce21d7fd46df6127cbe
-
Size
653KB
-
MD5
90af9d543bc2b94e1e9b496c9bfaf720
-
SHA1
d907b07a76f9832c393d012f97523e925e1b9eff
-
SHA256
602463257ced1e61f560b0bbfda886d7811b2e5d2f5f9ce21d7fd46df6127cbe
-
SHA512
2d246cf67dc7bf490ff994be57285c3124adda7e3b445fd59bbba3806a8288988c28e7a3dacfe0e106ef87c01790d1f5acb567c79f53bc104ac8917402fc880d
-
Modifies firewall policy service
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-