General

Target: Setup.exe
Size: 379.9MB
Sample: 221103-kpgb9aagam
MD5: 1b74e0765a5f3c58c9a00b66196abf83
SHA1: 25ca26a774fe4458b5f788a5f849bd25e1059ee9
SHA256: fd7058957e83055d1f5f1532e3032b88d5f41b28214247be41015f990e4b736c
SHA512: 80828192c9138c4d90347f2b2f7aac17edc3b478f5ebc62a758e9cbe92dda549ff4211dcbe73595d83a1c663cf140b993bf8a7bb4738ff9075adbddc929cf323
SSDEEP: 49152:KIfXAbTLNYJPKJof7HG1SGKQ6ttgACcMMc5EznT8UuhN9uuMGaDgcaUYFbtxm+VH:O/mC1K5ttRj2qAF9fY31Gtn
Behavioral task: behavioral1
Sample: Setup.exe
Resource: win7-20220812-en
Malware Config
Extracted
vidar
54.9
1281
https://t.me/dsjdsnxshjx
profile_id: 1281
Targets
Target: Setup.exe
Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger