General
-
Target
e2a54aa5e3240dc68e43f5920d4dd5b9243aa428290529bdda008ec68cea14ce
-
Size
276KB
-
Sample
221127-dmancsee88
-
MD5
29bd9a2961addf43a57c62691fdd205b
-
SHA1
e9e621fc47efad45443fa1327327e279b39322e4
-
SHA256
e2a54aa5e3240dc68e43f5920d4dd5b9243aa428290529bdda008ec68cea14ce
-
SHA512
8085ea3866515e295ca1582bdacd0f7973d3ac5b643f5d80dcc9114f9cd60ffd65e2e685a7e6497d1df323a83fc965438fb202ad791fe7a9eb3cfd015164c335
-
SSDEEP
6144:g7ibPRDETCOx84EHACTaKYiXyF5HQ+Ksm1VdScmpn:gmbPRDTS8Acjm5HQ+K4
Static task
static1
Behavioral task
behavioral1
Sample
e2a54aa5e3240dc68e43f5920d4dd5b9243aa428290529bdda008ec68cea14ce.exe
Resource
win7-20221111-en
Malware Config
Targets
-
Target
e2a54aa5e3240dc68e43f5920d4dd5b9243aa428290529bdda008ec68cea14ce
-
Modifies firewall policy service
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger