General
-
Target
Setup.exe
-
Size
381.1MB
-
Sample
221103-jqsagaacdn
-
MD5
919ea65f48fc29a9201a1acf50e641fb
-
SHA1
9381dd8e0af5e0bf065ab00dd557f4c2ebf7ae51
-
SHA256
50f8a3767b236fdf50e8c6f01f04bb1004c6c9161f301dbd3639ad83834d7d09
-
SHA512
e43fa9f97aa6760ac5bd1f4cdc177a1866574cff51dfde30f4a51fa51b63f1b6d3f6cc96d001122199297037a19a8100a76ca64224fcb99bc7c461148eea60b9
-
SSDEEP
98304:JrUPrkqIBapmyezTnKSkXdumkrjeqH+49WIIjHYpX+S:JrcI/yhSkXdZjG
Behavioral task
behavioral1
Sample
Setup.exe
Resource
win7-20220812-en
Malware Config
Extracted
vidar
54.9
1281
https://t.me/dsjdsnxshjx
-
profile_id
1281
Targets
-
-
Target
Setup.exe
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-