General
Target: Setup.exe
Size: 380.9MB
Sample: 221103-j8z32aaecr
MD5: b122b2a71b7bce0d2bc4eac5a1118c6d
SHA1: c6644608c8d65b8d9564ec0ad73e5d0e59d2c8cf
SHA256: 7a578f31b88420cab5f78920951381c15bb123db4da3bec47a4050ec6a0284f1
SHA512: 3cfbd0208bd0f67d46b3ba341d8376f7a7c01f04d6f73570205e72627f8122ecd9e1b23ce8621b2f48d9e7baef0c6596f52b8775f07a3c449b97cb8127d71ca2
SSDEEP: 98304:3i4WHFi4bv8whyl1+gSVK8IBkhVysqXKGn:y1AZkhCx
Behavioral task: behavioral1
Sample: Setup.exe
Resource: win7-20220812-en
Malware Config
Extracted
vidar
54.9
1281
https://t.me/dsjdsnxshjx
profile_id: 1281
Targets
Target: Setup.exe
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
Suspicious use of NtSetInformationThreadHideFromDebugger