General
Target: fe5fbfedbf7fee61617678a88c21c6dd124741de318b33634a34516cb53c9a34
Size: 1.8MB
Sample: 220925-ef13eaedfj
MD5: 3471689db6efeea777cce79294589467
SHA1: b3ebf6c3cb4c2c4621451d112819789aa7615fcd
SHA256: fe5fbfedbf7fee61617678a88c21c6dd124741de318b33634a34516cb53c9a34
SHA512: 810ff7976121f333f8ce02030f8766980455e1a26d9d09701f2728a3bccb80ecec944da82ef5e3046bdaa47d8248099dc6512ed7abe34137d076f10527f21fc6
SSDEEP: 49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig
Static task
static1
Malware Config
Targets
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Executes dropped EXE

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger