General
Target: Spotify 1.1.90.859.zip
Size: 2.9MB
Sample: 220820-z966qsbdc8
MD5: c6081ae57007b312391b222ab244c5c0
SHA1: 2f8eb1a698a37dd6c5b97b5ba9c8bf8518c9a083
SHA256: 81c05296fec1e8708fb461d88c5d51567d12e83539119e2fb5255ec7feccc8f1
SHA512: 128442e464c4f83a49c429242113ef6eca1dc721d7b019e9d328877f8283d2fb08b06be43dc5592c53212722e1376b0ba0b22cf9ebb774e826e6042f72b7a169
SSDEEP: 49152:R/HvZcKgagq1xbtvFMxzlAgzqN/nME1YAfUoJyR6B/c9L:R/HKKga5Pbt8zlAgzGME1YAFYOkL
Behavioral task: behavioral1
Sample: Spotify 1.1.90.859/Setup.exe
Resource: win7-20220812-en
Malware Config
Targets
Target: Spotify 1.1.90.859/Setup.exe
Size: 394.2MB
MD5: 41333aee20ae82b2b27a67d24c1f1806
SHA1: 19193394450c45259f51b6e60ffec0eda76c2a57
SHA256: 35a3a71400a3162ab5a8e9db3d08ff8ac32c139176e4a8b3048c492626c1109e
SHA512: dbc528030305a4cd2d8722a7ba942f4ab3230cfbf220ee8eca5c19737022c64ffc73481daba5a445b05034514bb50c7bf393e94b77933f3f8740031a5bcb8c29
SSDEEP: 49152:Zb1F6eQ+yYkyPbDbT0RW7IjPfat/6lrLwodKq9T/Oz/:Z1vmWEY/6BwyLby/
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger