General
Target: 99ca521b2cf80e69c0493303e9870a9c55a0e1c93005b49d9de3f96a800a701a.exe
Size: 2.5MB
Sample: 220807-rm4hbscaap
MD5: 1b5c894a95dcf5bb9c0f6e61aa081b11
SHA1: 3089bc5e97dd7c0ff81cf1776b4fc91e8b4841e8
SHA256: 99ca521b2cf80e69c0493303e9870a9c55a0e1c93005b49d9de3f96a800a701a
SHA512: a4384a341b4d90094e15b1c7f08f896f568c8e0f77acce624a80f7398b50d6db40e00efd03a5a14d121d8f5112880f2d37b2b824a6f85a37f88866fa7e628131
Behavioral task: behavioral1
Sample: 99ca521b2cf80e69c0493303e9870a9c55a0e1c93005b49d9de3f96a800a701a.exe
Resource: win7-20220715-en
Malware Config
Targets
Target: 99ca521b2cf80e69c0493303e9870a9c55a0e1c93005b49d9de3f96a800a701a.exe
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger