General
-
Target
8336be4203b3284a88cbdb336a16c0dab5f55e63efcd390aa66805a095ec3624
-
Size
3.1MB
-
Sample
220808-x1na6ahad3
-
MD5
b3c952fa0c0bd888dc75422083fdbd17
-
SHA1
c95a59d704784b43fca22408682415b29cb47bf7
-
SHA256
8336be4203b3284a88cbdb336a16c0dab5f55e63efcd390aa66805a095ec3624
-
SHA512
16bfa4989cf2cc9405bcbcaa8cb638eb5bfd811bbfb3f6cec7994ae62e314994e0455fb2aacb3ec986d4ea67e88e6c5b7cedb80c205227bb99e4e67702a81910
Behavioral task
behavioral1
Sample
8336be4203b3284a88cbdb336a16c0dab5f55e63efcd390aa66805a095ec3624.exe
Resource
win7-20220718-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-