General
Target: cbf395e32e8bfb5a333b90500af0f9bf3dd1e95360ef5b6a0b41941fc77eb3f4
Size: 1.8MB
Sample: 220923-jsq57ahebn
MD5: 7428d5a77f7e761815bb00c2e71594be
SHA1: ffddd1b5b938b8a7e6e551bd8f12fb2c14a6a81e
SHA256: cbf395e32e8bfb5a333b90500af0f9bf3dd1e95360ef5b6a0b41941fc77eb3f4
SHA512: 4f72d76dda18c5540eea5cb08bcc58f1c8914f53aa8ac182f25166d9422d94ed8f3a0714389d4a5c1b37029aaf10ee408650ea529c6072525f7e88396cb916f6
SSDEEP: 49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig
Static task
static1
Malware Config
Targets
Target: cbf395e32e8bfb5a333b90500af0f9bf3dd1e95360ef5b6a0b41941fc77eb3f4
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Executes dropped EXE
Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
Suspicious use of NtSetInformationThreadHideFromDebugger