General
-
Target
4a1da031313919a6c6553d6608869a46f45c81f68290629497f1122615d1a7cf
-
Size
315KB
-
Sample
221127-p73qeshf94
-
MD5
6a862dc51bdf3cb9cbcff57bb592546c
-
SHA1
51f4bce1b1196e85146bec83a6549763af3f334c
-
SHA256
4a1da031313919a6c6553d6608869a46f45c81f68290629497f1122615d1a7cf
-
SHA512
14d8ae5a44e1e1ca0c72e2cb0763f32b24698c0e1219c1e6c6d4b47874f5908678694501e3d20ba0eff149c8c0b0a79447adcddca0f8d665472947edc1f0e267
-
SSDEEP
6144:OAsBZxLA8ivLPhyqaShRf9OpRb9tDia3BjoybPDhk8Ni6F9D3qAPqUvtPTiI:SL7iTPhbAp9rznbr5i6F9TFLiI
Static task
static1
Behavioral task
behavioral1
Sample
4a1da031313919a6c6553d6608869a46f45c81f68290629497f1122615d1a7cf.exe
Resource
win7-20221111-en
Malware Config
Targets
-
Modifies firewall policy service
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-