General
Target: 735070d5a6482e4585eb62ed3cd2f2da152a86c1b6752618bbb3dff65a2d3498
Size: 184KB
Sample: 221127-r344ssee27
MD5: db6c83861440cb0669f5e5a694b50bce
SHA1: 05d29f8e7eba3276003207bb215db760a3ebc23e
SHA256: 735070d5a6482e4585eb62ed3cd2f2da152a86c1b6752618bbb3dff65a2d3498
SHA512: 71ce5d570e3e082e7f6abab7d2df1edd6a36ef0cc4372f1ee86e7aa2269db2c4c8d11d9625f58fc85934f1d9ae4f1b6732f59d747b8f5b687e53fa51de0258a9
SSDEEP: 3072:S6KHhzIQy4ZP3D25Aig1lp4l065dwOgIUZHvMqO2F1FCxAkEi0epW/Hf86:Sn7y4Xlp87dwOgTxvMqTFz3QpEH
Static task: static1
Behavioral task: behavioral1
Sample: 735070d5a6482e4585eb62ed3cd2f2da152a86c1b6752618bbb3dff65a2d3498.exe
Resource: win7-20221111-en
Malware Config
Targets
- Modifies firewall policy service
- Sets file execution options in registry
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
- Drops desktop.ini file(s)
- Suspicious use of NtSetInformationThreadHideFromDebugger