General
- Target: Setup.rar
- Size: 2.3MB
- Sample: 220811-sx11maghem
- MD5: 596d6b08b66e56079772f1d1a139fe7e
- SHA1: e40e8745dc8ccff2b7fb5eb2f8a7b28a6aede6d6
- SHA256: 075f4a01bc210fadd913276eb553eee456a9d385cd9951715f5bca0be63d842e
- SHA512: e8afc3e1f83f7ed03593618cd4f651545e7f4dd296799c2e0810ead5259c7d62acdf2aa237f2807a823c5e5316066bc3fa48c281aa9be49364f71578b7c6987b
Behavioral task: behavioral1
- Sample: Setup/Setup.exe
- Resource: win7-20220718-en
Malware Config
Targets
- Target: Setup/Setup.exe
- Size: 394.2MB
- MD5: c79e2bfd1f0acb9e37e6314d5c63c67e
- SHA1: 07c169a3a6d4e8795ec8d3d91b0e6794207aeca8
- SHA256: 3925686c8a7a4ec49537ce3caa3d52d24950b0256d30785d5dae2fb47678e77e
- SHA512: 583d0b3375064feec9c033e57834f7aee3189be223dd20c528a5bb1b4433fabd3b707d414fcf87fe79c4913a6d163bc9ef3035aa93f48506e61b0274d97e06a9
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger