General
Target: 8ed8eaea95a7026487227b033e9bd51b8cc5cbfe4f5794e3696598ac52244430
Size: 184KB
Sample: 221126-2zx67afa8v
MD5: 6ed4149240da33975323d703dc373534
SHA1: e643957bc60f6ccc4edefb5982f286b7afc2551a
SHA256: 8ed8eaea95a7026487227b033e9bd51b8cc5cbfe4f5794e3696598ac52244430
SHA512: 5232265ada9ea6e91e4939af5796804d8e5c5042e4046ec485ef3cab2f5259727816f451d01b844584b307627dc3af7659566adc997f2c9a55c192ea361a16bf
SSDEEP: 3072:8SzNlG6vZ8mG2MwlQKFBqE6wt30EoASZIQW+BtSNiLVIj9mVtApRMbVa+cL+7IAR:rTyWMc7j60kEoAOoSmgGMb40IAR
Static task: static1
Behavioral task: behavioral1
Sample: 8ed8eaea95a7026487227b033e9bd51b8cc5cbfe4f5794e3696598ac52244430.exe
Resource: win7-20220812-en
Malware Config
Targets
Target: 8ed8eaea95a7026487227b033e9bd51b8cc5cbfe4f5794e3696598ac52244430
- Modifies firewall policy service
- Sets file execution options in registry
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
- Drops desktop.ini file(s)
- Suspicious use of NtSetInformationThreadHideFromDebugger