General
Target: fb460bfdf1f932d7ecfb1b7cbfb8017b1d7a1e229a6b8abe65f76e3056b12c16
Size: 1.8MB
Sample: 220809-fzl82afcd4
MD5: 522c712c417436213b382e9326f6257a
SHA1: 0864ed18f8e40dce0d48e9a1b85d4ac8f8ee3295
SHA256: fb460bfdf1f932d7ecfb1b7cbfb8017b1d7a1e229a6b8abe65f76e3056b12c16
SHA512: 69d44e30f3244d08e215a0398ec4313fb20c0988320bfe07dc09437c30019b8ccc13e4716d521b80730c2cf1187117c564cb6d0bd2572c6cf6ece30b94d404da
Static task
static1
Malware Config
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Executes dropped EXE
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger