General
Target: f57d9d1d08a0380e0f02276f0d9546d7a39bb9f1157d72bc97b3fdf91f394cde
Size: 659KB
Sample: 221004-hb8s8sgaem
MD5: 13cea37ede7722a75af94d68436d9ee8
SHA1: 0b9414ca684130c1b044ecf7c23f16142bf6be6d
SHA256: f57d9d1d08a0380e0f02276f0d9546d7a39bb9f1157d72bc97b3fdf91f394cde
SHA512: 0d7a627ed3c182d73746c49806198c58bae43ca4befaaf38a5cf3df2e1c0dfe8af83cf42e0db797e36eea8880b5d6d68367b25e059ba85cdb74f9043cfbb13ee
SSDEEP: 12288:Q9AFlAd0Z+89cxTGzO4AucTD8QP2lmFSrVs9LqnKp:WAQ6Zx9cxTmOrucTIEFSpOGk
Behavioral task: behavioral1
Sample: f57d9d1d08a0380e0f02276f0d9546d7a39bb9f1157d72bc97b3fdf91f394cde.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: f57d9d1d08a0380e0f02276f0d9546d7a39bb9f1157d72bc97b3fdf91f394cde.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: f57d9d1d08a0380e0f02276f0d9546d7a39bb9f1157d72bc97b3fdf91f394cde
Score: 10/10

Modifies WinLogon for persistence

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Adds Run key to start application

Drops file in System32 directory

Suspicious use of SetThreadContext