General

Target: bd41eb88a8931214d5936b953e23afd0f454e569f59f55a578dd0ad02fd67ebd
Size: 1.8MB
Sample: 221003-ef2c6sfab2
MD5: 63ee2bb19f0a90f4cb217fa18a7c06a2
SHA1: 6dd22dc58c32236a22277c776adceb84f008359e
SHA256: bd41eb88a8931214d5936b953e23afd0f454e569f59f55a578dd0ad02fd67ebd
SHA512: 9c2b027ff2f232245af0202c6035788ff5aca4f43a6bc1c987b9218130b634cf0ad7b090a51dc005155f4b7f9f3ae1b0b0e7e512906a784325cda9631caefb8c
SSDEEP: 49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig

Static task: static1
Malware Config
Targets
Target: bd41eb88a8931214d5936b953e23afd0f454e569f59f55a578dd0ad02fd67ebd
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Executes dropped EXE

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger