General
Target: 92a942d912472ae64d349a35addc3f1d2d46f3efd3b0973b7b0d3e8b30e97a68
Size: 1.8MB
Sample: 220925-fwv2rsddd4
MD5: d124b2ff4ffe1d4cc8cbf7e3a19746fa
SHA1: 6d13bdb5b281e57795da79d685c4495545c6be84
SHA256: 92a942d912472ae64d349a35addc3f1d2d46f3efd3b0973b7b0d3e8b30e97a68
SHA512: 55e46b7fbb339b5977e36198c3bcb321a0273ecd112dcb5340d9be202ab981ccd477985882118374aabc19839bbf76c2814e1499ff6f72f0a03a24c5bd5ee2f7
SSDEEP: 49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig
Static task: static1
Malware Config
Targets
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Executes dropped EXE
Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
Suspicious use of NtSetInformationThreadHideFromDebugger