General
Target: iwcfbelmib.glf
Size: 8.9MB
Sample: 220809-j1j2vafcfk
MD5: 64407b3d50b351fb556850b5004ab591
SHA1: 7ea3ed01bb26aaa7a90edd1c4fceea2de7ecebe1
SHA256: 204f4aed39fc7625256f5f48812d8881c7f79b692bac0b0a484aba93205e061a
SHA512: 25c0343283bb2097d135918c2eb61c8828575b4bef97a831577a321364ded073808c8588e391d681566974ef5ac192dd36ecaa4e05befddeb0b0e11833ef9e96
Behavioral task
behavioral1
Sample: iwcfbelmib.dll
Resource: win7-20220715-en
Malware Config
Targets
Target: iwcfbelmib.glf
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger