General
Target: Joinify.exe
Size: 24.1MB
Sample: 220929-rx9gbsbbd5
MD5: 124214e9b81c06db94e2154efc69e963
SHA1: 6b4d5525695e6d2bad78b44c4d0e4780a922384b
SHA256: 9c9293f5976224a1d64d694c660abd95869e4284dc036df074ea4cf0ee4c2315
SHA512: b886cd5e822752d1422b95d64b53b090a6a306d678382d91c7ad6370d0c882524b7d4a8372c256773b807d32e2e90c426bc6c92febe14cd9f1eb4956d6bd8e58
SSDEEP: 786432:szYQ1h/fyVmdXK4EJqQxo2s6tXBUqmWET:vQjXyVQ9TQG2XtXe
Behavioral task: behavioral1
Sample: Joinify.exe
Resource: win7-20220901-en
Malware Config
Targets
Target: Joinify.exe
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
Loads dropped DLL
Suspicious use of NtSetInformationThreadHideFromDebugger