General
-
Target
93a7441b40ed607b622e36af870192a6b86f1cfc6b2675059193b6c6e312d44e
-
Size
1.8MB
-
Sample
220925-llqbesebd8
-
MD5
61e9096367ccabdc3a98a1178fd97ac3
-
SHA1
68fe7843c89b344024e25c6bf100273a0f520b9e
-
SHA256
93a7441b40ed607b622e36af870192a6b86f1cfc6b2675059193b6c6e312d44e
-
SHA512
968901c2319bcbfa1c71262f6b5030fb047ac77464f2d6c71e021c9160684501a9c41315912d9733ba18ffa1b8326e788013c445142ff406270615a74d0f92b5
-
SSDEEP
49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig
Static task
static1
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-