General
-
Target
f08cd6f83cccda48e0d0c8bd9af1353bf7e8c2ec194df5e47e73362353cf3878
-
Size
1.8MB
-
Sample
220925-gv8rxaegfp
-
MD5
bceb3fedc5c0d0fc669cd995bda5c249
-
SHA1
32328f42409fc745b0ac25a7f02c1e615be896de
-
SHA256
f08cd6f83cccda48e0d0c8bd9af1353bf7e8c2ec194df5e47e73362353cf3878
-
SHA512
179cd5619b719486afe8bc6d04ebb28113bf46973ce26dd02b70cec6fa29b444b7434606cb20c9aeb336be756be4e80ea9f0b3b7d760a0d24c7544f20df22bc5
-
SSDEEP
49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig
Static task
static1
Malware Config
Targets
-
Target
f08cd6f83cccda48e0d0c8bd9af1353bf7e8c2ec194df5e47e73362353cf3878
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-