General
Target: 104dd8e3bf957c6cf7da52c546405ab7.exe
Size: 5.7MB
Sample: 221125-h8eawsag59
MD5: 104dd8e3bf957c6cf7da52c546405ab7
SHA1: 2623754939b50204e06d94ae62eb6afc6587f69a
SHA256: dd6ab934b4c23d80a7a699d9ef55498d56115c86df0fa9ff73cfc1651c1b07c0
SHA512: 435f7b869769d3a1642c84f3b081c5e93e22c4fd96f7aa82c9d8201b539106bddc0b047348d92bc752a6d9afcd97bfe1e84eaa20a036d92593806de7adc99628
SSDEEP: 98304:NEp+KwDQdGp//3wHhGizimMxJlqyIZybWHOpjecBF7yx2h5UO1VQxznJZ531:NEp+fDQdGp3wBGgovqZfHOxtBB62DI
Behavioral task: behavioral1
Sample: 104dd8e3bf957c6cf7da52c546405ab7.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 104dd8e3bf957c6cf7da52c546405ab7.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: 104dd8e3bf957c6cf7da52c546405ab7.exe
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Executes dropped EXE
Checks BIOS information in registry
    BIOS information is often read in order to detect sandboxing environments.
Suspicious use of NtSetInformationThreadHideFromDebugger