General
- Target: a0f5f093c51c5675902bb185daf2a3e2abdbc9d013284ff340708bd1788be3fd
- Size: 256KB
- Sample: 221126-sl3ebada24
- MD5: d40564ee078eb35e8ec2db7fa38c8ce2
- SHA1: 4906cd24b4ab2e264fabaa921f3b9ac502882854
- SHA256: a0f5f093c51c5675902bb185daf2a3e2abdbc9d013284ff340708bd1788be3fd
- SHA512: ffccbf624199ab7b3bf364031e33a53259f2fb3bfc7ffe20eaaab327f1d348adf426e9b095af0b9ed36dcbba36147912e6bb585eac9c9adbbe7c01480282328c
- SSDEEP: 6144:biDVm76YSbgaUkKw0lpKDfeX4RW3Kcy1tGcmfPt:GDVm76YSbgarulpKDeDEOP
Static task: static1
Behavioral task: behavioral1
- Sample: a0f5f093c51c5675902bb185daf2a3e2abdbc9d013284ff340708bd1788be3fd.exe
- Resource: win7-20220812-en
Malware Config
Targets
- Modifies firewall policy service
- Sets file execution options in registry
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
- Drops desktop.ini file(s)
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext