General
-
Target
e2ffec4c510e4b62bac31c4179eb2762a3a7de253b6006ed9f2b20d1daa6fcad
-
Size
1.8MB
-
Sample
221003-dgfx7adcc5
-
MD5
b7bfa67085ddb398db45e2ccc6a67cbf
-
SHA1
b4cf6653639a4e6dc3c2bb845635947e5e0d30b7
-
SHA256
e2ffec4c510e4b62bac31c4179eb2762a3a7de253b6006ed9f2b20d1daa6fcad
-
SHA512
28d1cffdc76a2c40214c40cfe9029c3f96b792f985e0462e4d9dba75ecdf9000dfbd3d5a713a2635864e0c950b74463b274481d04196d2d1cc63888f65e02439
-
SSDEEP
49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig
Static task
static1
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-