General
Target: 285126b79a1f3e3dd5a474ae648cebee8b0da388b09414f8196c9a6349cb7536
Size: 285KB
Sample: 221127-v65fhsaf2y
MD5: 01daf4f618eac4c7379b4d1f8046deaa
SHA1: c73db227644dc6cc6d9b7fb91468014572507b4d
SHA256: 285126b79a1f3e3dd5a474ae648cebee8b0da388b09414f8196c9a6349cb7536
SHA512: 435380deca7baf660e8a6b673d02ff6478bc6d823ca416b04a4ff758ffb7c821d5495f9870e9a8bbe513bde229ad5a114e44283160146e205e49d9489fbad465
SSDEEP: 6144:JAsBZACyfs1vYtn9BqNmJ5y52jzm2YYrTASZ:YCyfsYBT5yEqM7Z
Static task: static1
Behavioral task: behavioral1
Sample: 285126b79a1f3e3dd5a474ae648cebee8b0da388b09414f8196c9a6349cb7536.exe
Resource: win7-20221111-en
Malware Config
Targets
Target: 285126b79a1f3e3dd5a474ae648cebee8b0da388b09414f8196c9a6349cb7536
Signatures:
- Modifies firewall policy service
- Sets file execution options in registry
- Checks BIOS information in registry (BIOS information is often read in order to detect sandboxing environments.)
- Loads dropped DLL
- Adds Run key to start application
- Drops desktop.ini file(s)
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext