General
-
Target
b6f8c147744d5119622ee898c16f2c2b.exe
-
Size
410KB
-
Sample
221001-kep7eaggdk
-
MD5
b6f8c147744d5119622ee898c16f2c2b
-
SHA1
2313097e48e467962f09c7c1f09a3ba1c77807ed
-
SHA256
01963cd8acdc4785b03eacce00bbcf32803b04358725fb45f5a4f2c48fddf81f
-
SHA512
ee1a1c617d1a2602eed4a41f50ea069d155cd8a3b759c19dcf143e43d8f3554605afd7f4a55d1ac75959bb2a3b1c8b9da709a5bc2ad37d6b1efe543e3714d85d
-
SSDEEP
6144:N8AHOFh4/z/AlppYH1HOFtYlwFcMcELWuD9IS:N8AHOFhQzMfYMz6TMRWw9Z
Static task
static1
Behavioral task
behavioral1
Sample
b6f8c147744d5119622ee898c16f2c2b.exe
Resource
win7-20220812-en
Malware Config
Targets
-
Target
b6f8c147744d5119622ee898c16f2c2b.exe
-
Modifies firewall policy service
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-