General
-
Target
e66cbe4eb9061058e937dfb698226426fcf2606fdf52bd4ed24468b634ad5a67
-
Size
1.2MB
-
Sample
221127-adzz4sab3t
-
MD5
734258c1d05795f39d1777755caaa9aa
-
SHA1
b7db225fc5a8c8089b9a26d55665b24a13adcc10
-
SHA256
e66cbe4eb9061058e937dfb698226426fcf2606fdf52bd4ed24468b634ad5a67
-
SHA512
dcbfd2f3745cf58acfb7bd3d7980af9fd6b72631037622bb9cd4f30e35c4c12e7c190a567817e53e8be3fd32a3a91e8c1c308e856983d80643bf91d481fcb698
-
SSDEEP
24576:rCStj/R+pud1sQN6TgXxruXQNjj43/qqW:Nr0C/5XIANvMW
Malware Config
Targets
-
-
Target
e66cbe4eb9061058e937dfb698226426fcf2606fdf52bd4ed24468b634ad5a67
-
Size
1.2MB
-
MD5
734258c1d05795f39d1777755caaa9aa
-
SHA1
b7db225fc5a8c8089b9a26d55665b24a13adcc10
-
SHA256
e66cbe4eb9061058e937dfb698226426fcf2606fdf52bd4ed24468b634ad5a67
-
SHA512
dcbfd2f3745cf58acfb7bd3d7980af9fd6b72631037622bb9cd4f30e35c4c12e7c190a567817e53e8be3fd32a3a91e8c1c308e856983d80643bf91d481fcb698
-
SSDEEP
24576:rCStj/R+pud1sQN6TgXxruXQNjj43/qqW:Nr0C/5XIANvMW
Score7/10-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-