General
Target: 6c14caeb9d12c59ab0730bfe81bf44f94fddcc6c17ee3af55dd5eb0313b4b17f
Size: 1MB
Sample: 221003-dr5pasdgb3
MD5: d670797579d5e47292f5fb4bc6da7976
SHA1: 0b4916d54492fc249e4542bba00fa7973f435332
SHA256: 6c14caeb9d12c59ab0730bfe81bf44f94fddcc6c17ee3af55dd5eb0313b4b17f
SHA512: 332b3fd844991f7ca5d9f8aa31c36f76cca6fea03879403da6f5743aa413bb73fb06d3afa26440e4c5345fc33a810c57066f49f8546123a351bbe94ae7b4c8c0
SSDEEP: 49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig
Static task
static1
Malware Config
Targets
Target: 6c14caeb9d12c59ab0730bfe81bf44f94fddcc6c17ee3af55dd5eb0313b4b17f
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Executes dropped EXE
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger