General
-
Target
2b5a38cb685bfce5afbdcd94db47ebd5653afdae86356495bf39e1f97df7fe85
-
Size
1.2MB
-
Sample
221126-3b5rssfh81
-
MD5
ee803354363f08fecd24280b7500b94b
-
SHA1
6f20880fe65ecda43e078c205958967f605bc6ca
-
SHA256
2b5a38cb685bfce5afbdcd94db47ebd5653afdae86356495bf39e1f97df7fe85
-
SHA512
4f21c4742520c676f847f9cb90aeaeb572ce2ab4f3adec39bf09dc6f1422c5597484211343b7549b90c585e885366e23ce38ab973211c99d80510d7207f07c0e
-
SSDEEP
24576:LCStj/R+pud1sQN6TgXxruXQNjj43/qq:tr0C/5XIANvM
Static task
static1
Behavioral task
behavioral1
Sample
2b5a38cb685bfce5afbdcd94db47ebd5653afdae86356495bf39e1f97df7fe85.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
2b5a38cb685bfce5afbdcd94db47ebd5653afdae86356495bf39e1f97df7fe85.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
Score
7/10
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-