General
-
Target
ff974f29d2fdb6363cf1185ad1827039a315a1730f42f0729db535f8465eec24
-
Size
601KB
-
Sample
221127-nfmpfsch52
-
MD5
d2c983126dff6a7db0e44cdcbf151aa0
-
SHA1
fbfdba55db15457ca680cf5ccb1291363ede753a
-
SHA256
ff974f29d2fdb6363cf1185ad1827039a315a1730f42f0729db535f8465eec24
-
SHA512
1d7e544852b64fa9632cf22c3f74edab5f732ac2f69d145c0ab850bf45f8c55f7859468dfd58c8eb8bc8de47b9ab4f726108e452a774363f2896e0fc1a416544
-
SSDEEP
12288:xORNsuj7LM2e2Bl4St2AxKeAN+GKnvLof/9WraN0bfs3kZwD+ZAdv:xsNsmM2lBmSt2A+yTof/YrdfqkZwD4AF
Static task
static1
Behavioral task
behavioral1
Sample
ff974f29d2fdb6363cf1185ad1827039a315a1730f42f0729db535f8465eec24.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
ff974f29d2fdb6363cf1185ad1827039a315a1730f42f0729db535f8465eec24.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
ff974f29d2fdb6363cf1185ad1827039a315a1730f42f0729db535f8465eec24
-
Size
601KB
-
MD5
d2c983126dff6a7db0e44cdcbf151aa0
-
SHA1
fbfdba55db15457ca680cf5ccb1291363ede753a
-
SHA256
ff974f29d2fdb6363cf1185ad1827039a315a1730f42f0729db535f8465eec24
-
SHA512
1d7e544852b64fa9632cf22c3f74edab5f732ac2f69d145c0ab850bf45f8c55f7859468dfd58c8eb8bc8de47b9ab4f726108e452a774363f2896e0fc1a416544
-
SSDEEP
12288:xORNsuj7LM2e2Bl4St2AxKeAN+GKnvLof/9WraN0bfs3kZwD+ZAdv:xsNsmM2lBmSt2A+yTof/YrdfqkZwD4AF
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-