General
-
Target
dac6dc38f7cbd0337407b34c9dff11b72e65df08637f18e450e02c5dcd23cf5e
-
Size
1.8MB
-
Sample
221003-fryl4ahah5
-
MD5
57bd0f24135ce0f153457d92c67ca3f4
-
SHA1
137da7b2d8ad6f977fa552d07c70b1dc02a2e565
-
SHA256
dac6dc38f7cbd0337407b34c9dff11b72e65df08637f18e450e02c5dcd23cf5e
-
SHA512
52c7cb0ecf861093ca3fd6431031b768720350f2d19f3e679c7e4fb0ea549317d54820bec2c8f6cf711b0590747bc686f7dee7579242663664091be648404a05
-
SSDEEP
49152:AiSzCD+K95aLs7zeqLTVtXtHFIDP8EehiM8qZA:AiSzCD+K95aUeqFtXtHwEEehig
Static task
static1
Malware Config
Targets
-
Target
dac6dc38f7cbd0337407b34c9dff11b72e65df08637f18e450e02c5dcd23cf5e
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-