General
-
Target
4dc72fc2c7ccfd91d61848c30aac1978d329be7515740dd8436404ac9ffd63fd
-
Size
396KB
-
Sample
221123-rpks1ahb68
-
MD5
3ed79716978bb09c4890a60dd74d5470
-
SHA1
4b5232a93d4cd129f598ad0fdc93b145faee3922
-
SHA256
4dc72fc2c7ccfd91d61848c30aac1978d329be7515740dd8436404ac9ffd63fd
-
SHA512
0aedb190c6f0c5d18c509d57160c79a4c8aa64b5520e1a25d26e3bead94819159895bfa925cd9086f9837f96211d0d9e9bb439d6758b8a20a58a6a030ee527fd
-
SSDEEP
6144:iX9SMLpHYi2B2plyB86ozFti/2rvpwnIrgc8SwAAwnMNSQNcDPbI/J5EJKdIxj:mL4i2YU2iu7pwQeSBAkAkiJSsY
Static task
static1
Behavioral task
behavioral1
Sample
4dc72fc2c7ccfd91d61848c30aac1978d329be7515740dd8436404ac9ffd63fd.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
4dc72fc2c7ccfd91d61848c30aac1978d329be7515740dd8436404ac9ffd63fd.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
4dc72fc2c7ccfd91d61848c30aac1978d329be7515740dd8436404ac9ffd63fd
-
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Looks for VirtualBox Guest Additions in registry
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Looks for VMware Tools registry key
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Deletes itself
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-