General
Target: 9c7e29c721b9524b371ff62ebf92d4e38abbd2a3c5d05715e2add153aed4c221
Size: 4.8MB
Sample: 220808-nx7qysacbp
MD5: 4fc82b5e28a7265ee93c3e7c5ea6de8b
SHA1: fc24012a44abaeea5c7fcf3c67da7c480ab6b7ce
SHA256: 9c7e29c721b9524b371ff62ebf92d4e38abbd2a3c5d05715e2add153aed4c221
SHA512: 8b7d2d2d6bdcf5404d17196c124c615cc3283b3d4ea1d6ebc4dd7ad294667e39b3202fc538ed74f70561d6983ac3d9e9c8a09967d250b59eaf13de38285c3a76
Behavioral task: behavioral1
Sample: 9c7e29c721b9524b371ff62ebf92d4e38abbd2a3c5d05715e2add153aed4c221.exe
Resource: win7-20220715-en
Malware Config
Targets
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
Suspicious use of NtSetInformationThreadHideFromDebugger