General
-
Target
64baa458c33f7c5add3db3bfe86e64257b94c8373dfacf88725297bd889f5c72
-
Size
1.8MB
-
Sample
220925-hf3g1sehdp
-
MD5
d13abea4f3519412c41459483332a9d2
-
SHA1
aa36068f33b9edfbc134b4aca698615b8783bb8f
-
SHA256
64baa458c33f7c5add3db3bfe86e64257b94c8373dfacf88725297bd889f5c72
-
SHA512
cc869af4f58e2a449c98cc48d195d904ee7758e7c3f83fca4d2fceba2fba4480fc6039585ea18807e218beafd8e2d7599fcda51905400a4045a6cf18da4ee579
-
SSDEEP
49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig
Static task
static1
Malware Config
Targets
-
-
Target
64baa458c33f7c5add3db3bfe86e64257b94c8373dfacf88725297bd889f5c72
-
Size
1.8MB
-
MD5
d13abea4f3519412c41459483332a9d2
-
SHA1
aa36068f33b9edfbc134b4aca698615b8783bb8f
-
SHA256
64baa458c33f7c5add3db3bfe86e64257b94c8373dfacf88725297bd889f5c72
-
SHA512
cc869af4f58e2a449c98cc48d195d904ee7758e7c3f83fca4d2fceba2fba4480fc6039585ea18807e218beafd8e2d7599fcda51905400a4045a6cf18da4ee579
-
SSDEEP
49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-