General
- Target: b1378cc0168beefd7b7891cbd58d5282e9d33fd6c159464d6f728d46797ba76a
- Size: 308KB
- Sample: 221127-abldyaed83
- MD5: 60a8e3138981cf1e483c4800e73c4db3
- SHA1: 628b16123c244239c968303bf5619b2e97f5fae3
- SHA256: b1378cc0168beefd7b7891cbd58d5282e9d33fd6c159464d6f728d46797ba76a
- SHA512: 4fc9e588ace1d1b0b07a52e654dfa84472ff57402e5d1adb236e25a0cf61cb7c1a5b137513af7ceaf93ca59f8e06f96ebd98f0334c1af207d56334ba09b898e6
- SSDEEP: 6144:BkJPQvAoH1OnWTQKbfasq7YIRvOOrelhQvnkjauV84Hn44/Vk7McQ:GJPQvAoH1OnJmNq1vVGhQsmF6Bh
Static task: static1
Behavioral task: behavioral1
Sample: b1378cc0168beefd7b7891cbd58d5282e9d33fd6c159464d6f728d46797ba76a.exe
Resource: win7-20220812-en
Malware Config
Targets
- Target: b1378cc0168beefd7b7891cbd58d5282e9d33fd6c159464d6f728d46797ba76a
- Modifies firewall policy service
- Sets file execution options in registry
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
- Drops desktop.ini file(s)
- Suspicious use of NtSetInformationThreadHideFromDebugger