General
Target: fc4636fad3407adafdd1c354be765cb8
Size: 4.0MB
Sample: 220815-eq79gagha5
MD5: fc4636fad3407adafdd1c354be765cb8
SHA1: d03c44676a35c6d8b66a9980620369801c487fc1
SHA256: 798a73227869f741dfef2febcb8180d71d1748a8f8002097d72f2af0bdad753d
SHA512: df311df357788daab81d3ee40eac392e73da0f406bb11b441c85da04ce2ef2fa1692cea13e318e267594324e8200409206f675a56407e3c7167b8d40b67c2774
Behavioral task: behavioral1
Sample: fc4636fad3407adafdd1c354be765cb8.exe
Resource: win7-20220812-en
Malware Config
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger