General
-
Target
5e37c410d8a3c7888cf430a1d5fd4605e43ee889493b4687fff193cac1e5a9ea
-
Size
497KB
-
Sample
220731-zvvt6ahcer
-
MD5
35cd90f09615b805acefdef9836c983f
-
SHA1
2bb416ff8d866587504d22c5e3c74a5fc7afef1c
-
SHA256
5e37c410d8a3c7888cf430a1d5fd4605e43ee889493b4687fff193cac1e5a9ea
-
SHA512
a22728338da17ea992a3b16f8303768e53600c8af7194cf9ea15b5c4303d716be4beec6d7e44084b9b5fcada5992de49ddec7965666403939d03c74f0c8140e6
Static task
static1
Behavioral task
behavioral1
Sample
5e37c410d8a3c7888cf430a1d5fd4605e43ee889493b4687fff193cac1e5a9ea.exe
Resource
win7-20220715-en
Behavioral task
behavioral2
Sample
5e37c410d8a3c7888cf430a1d5fd4605e43ee889493b4687fff193cac1e5a9ea.exe
Resource
win10v2004-20220721-en
Malware Config
Targets
Target
5e37c410d8a3c7888cf430a1d5fd4605e43ee889493b4687fff193cac1e5a9ea
Modifies firewall policy service
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-