General
-
Target
fd04c9c39436e1059e79258c270284b2
-
Size
8.7MB
-
Sample
220809-z4v7aagdgm
-
MD5
fd04c9c39436e1059e79258c270284b2
-
SHA1
6ea2a2d1d38212d9584e7325fbca32b5941c86a7
-
SHA256
a0608f64719281ac9ae204a1a92e9c8cf44ab30e6525b7f1f565e3cba6051221
-
SHA512
fec8c5af048253ae2a6476b1c7d25f63cca9f70181774ab5d48256b99996899a8da141177a75a29f55d0a49ff98c539cbe13431ceec613b49dd1b3412d72bd0c
Behavioral task
behavioral1
Sample
B8DH2AUB1SCIX0XQCII2GEHEII8Z3JV9K6B.exe
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
B8DH2AUB1SCIX0XQCII2GEHEII8Z3JV9K6B.exe
Resource
win10v2004-20220722-en
Behavioral task
behavioral3
Sample
XI3PV3M1PUUSEXXBH3LKN91TRFIN1166ZD2.dll
Resource
win7-20220718-en
Malware Config
Targets
-
Target
B8DH2AUB1SCIX0XQCII2GEHEII8Z3JV9K6B
-
Size
883KB
-
MD5
3d9e621aa8d9d1a97eff65affaee6cc2
-
SHA1
79c2c6e16d566912eb10cca2895539b9adb88cdb
-
SHA256
54e90ef3b2121408e03bb343b70583fe15a2ca24d5d76e8129766dbaa22817c5
-
SHA512
3d2d91393bffb3cfc1b919d5d4fadad1a2daa5d7ae54b0007e6c33af311c3ffb2f1b4e008d016d4043a2a0433e838d940f47bf4a857484878c46dd985c545a55
Score
1/10
-
Target
XI3PV3M1PUUSEXXBH3LKN91TRFIN1166ZD2
-
Size
8.4MB
-
MD5
43e7413c02debc49385ca0821350af55
-
SHA1
8835996015ee50ac50e6302c6af3fb6582f9ab5e
-
SHA256
433811102726bc15416ca338a2df55ec1daaf3f2565ee00d7f6484064746fb30
-
SHA512
65945f240287cc6e43efd4dc93c58dfd2240f820a5d01bd4a869ebc48c5d8596809e8f16b12afdd18374021e8209794f1bd3e53ab2ad2d7bbacb2bca6d9e626a
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger