General
-
Target
fadd1a606ad058dc3878df48fd98d2f273202b3996ea64be97a868ddd95f19ca
-
Size
285KB
-
Sample
221126-12c4cscd3z
-
MD5
2a80a6f81bdf0a1bb8e0006ce9defcc8
-
SHA1
c1167ad9908cf4db0374898aef4252913e3b3baa
-
SHA256
fadd1a606ad058dc3878df48fd98d2f273202b3996ea64be97a868ddd95f19ca
-
SHA512
8aa26b9782d30c912da7bdc0ba47abb386807881502540869f348b9f5234179b60ac79565312bb4bbf68b768f9465dfcdde7b7aa0173b8d0f39ff5e1404c8978
-
SSDEEP
6144:KAsBZazU5uZugbr2aF8Y7sXy2V68qZpd60m+Bw0BDMHWafHz9df:xUWHX2ahYg8qZpomBDOfHXf
Static task
static1
Behavioral task
behavioral1
Sample
fadd1a606ad058dc3878df48fd98d2f273202b3996ea64be97a868ddd95f19ca.exe
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
fadd1a606ad058dc3878df48fd98d2f273202b3996ea64be97a868ddd95f19ca
-
Size
285KB
-
MD5
2a80a6f81bdf0a1bb8e0006ce9defcc8
-
SHA1
c1167ad9908cf4db0374898aef4252913e3b3baa
-
SHA256
fadd1a606ad058dc3878df48fd98d2f273202b3996ea64be97a868ddd95f19ca
-
SHA512
8aa26b9782d30c912da7bdc0ba47abb386807881502540869f348b9f5234179b60ac79565312bb4bbf68b768f9465dfcdde7b7aa0173b8d0f39ff5e1404c8978
-
SSDEEP
6144:KAsBZazU5uZugbr2aF8Y7sXy2V68qZpd60m+Bw0BDMHWafHz9df:xUWHX2ahYg8qZpomBDOfHXf
-
Modifies firewall policy service
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-