General

  • Target

    2d7cadfb5b804809690a472d8fcd66593b50bd94c802071725cd4959017dd667

  • Size

    1.8MB

  • Sample

    220918-rwpqjabdc2

  • MD5

    47c10edcd59f09ee28dfa12397e1e9c1

  • SHA1

    55010af0d73eb48a3f4cebf395c89cd050d03bf6

  • SHA256

    2d7cadfb5b804809690a472d8fcd66593b50bd94c802071725cd4959017dd667

  • SHA512

    b4f0e60252253ed3898bf40bf86a3b7a53654d5ceb7bd271debf84d5a6f4748ef85a1091eb7a460858cf3c679c2448b094b7e49d1f755c10a7f4cc8b9ce9c79c

  • SSDEEP

    49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig

Score
9/10

Malware Config

Targets

    • Target

      2d7cadfb5b804809690a472d8fcd66593b50bd94c802071725cd4959017dd667

    • Size

      1.8MB

    • MD5

      47c10edcd59f09ee28dfa12397e1e9c1

    • SHA1

      55010af0d73eb48a3f4cebf395c89cd050d03bf6

    • SHA256

      2d7cadfb5b804809690a472d8fcd66593b50bd94c802071725cd4959017dd667

    • SHA512

      b4f0e60252253ed3898bf40bf86a3b7a53654d5ceb7bd271debf84d5a6f4748ef85a1091eb7a460858cf3c679c2448b094b7e49d1f755c10a7f4cc8b9ce9c79c

    • SSDEEP

      49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig

    Score
    9/10

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Executes dropped EXE

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks