General
-
Target
bad3e57d7ab07c22cb3bfa87b5feb03640a8d40e6edd161e303f35d091cfdb17
-
Size
1.8MB
-
Sample
220924-3nhg2acdf7
-
MD5
640963e9cd97e9df24d0b4a17145c2ac
-
SHA1
e4e936940bbd4e6248b56a887b1222c5105b1d90
-
SHA256
bad3e57d7ab07c22cb3bfa87b5feb03640a8d40e6edd161e303f35d091cfdb17
-
SHA512
8ce0cf7c8b4deb4cbc859ea79d1e725480e11494644a94f32d5b75018d0736588bd69f4bbcedcff17d4a9a738b18bc9dcbd82661a1713f3774332047cb86915d
-
SSDEEP
49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig
Static task
static1
Malware Config
Targets
-
-
Target
bad3e57d7ab07c22cb3bfa87b5feb03640a8d40e6edd161e303f35d091cfdb17
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-