General
-
Target
38e8053da794b9fb4154489d6a2bbf419a97b043bfa9d5bbce14fddb08ec7de7
-
Size
1.8MB
-
Sample
220924-1dstxaddcq
-
MD5
ae799bf52e89d41eec0237e538a547d1
-
SHA1
6dc9b92e97b715806f4b1f7e06571c16c0a02a48
-
SHA256
38e8053da794b9fb4154489d6a2bbf419a97b043bfa9d5bbce14fddb08ec7de7
-
SHA512
aa963996466879f951fe380e90ecdbd216904500c837660bbba58a80a3b9016f2189aa2c570adb27a733ec5f250c7b2d5cd4f21c881ad29023bee73561ce682e
-
SSDEEP
49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig
Static task
static1
Malware Config
Targets
-
-
Target
38e8053da794b9fb4154489d6a2bbf419a97b043bfa9d5bbce14fddb08ec7de7
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-