General
Target: eae560dbefc0340f86d6440dc3aa0dae5b102a42ee557a02b14e054f279085e4
Size: 1.8MB
Sample: 220925-hzym6sdga6
MD5: 9180f60b86869c8488c7ba5dc9e6a446
SHA1: 99c275b0cc81a82c31bf407fb99f18f712dd9fc6
SHA256: eae560dbefc0340f86d6440dc3aa0dae5b102a42ee557a02b14e054f279085e4
SHA512: 6ec9787a9f0b30dfe6a837ee34df586e8dfbfb4b7325a5eef6a85e8b2fe337771bb072a592a4180a7f0b6aa4c9a84b1cd2ba1262870d25dd922dd7006e9583a8
SSDEEP: 49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig
Static task
static1
Malware Config
Targets
Target: eae560dbefc0340f86d6440dc3aa0dae5b102a42ee557a02b14e054f279085e4
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-