General
Target: b94410f72a616a50600c2a45dcef47961b427b15c3b535baf447ae60895e5ded
Size: 225KB
Sample: 221127-v7k39saf4z
MD5: 7b7efe9132956a5517e1e6b7ee89d302
SHA1: 308f11a98895940845ef9a5af333bcc1d9f38260
SHA256: b94410f72a616a50600c2a45dcef47961b427b15c3b535baf447ae60895e5ded
SHA512: 87d85fcc0b1d1e42a89a39ece64051269d7e75c9bc366f940059d33cf8b551f0d342537c2eb46a75549472ad5418c1f8691b42c8d5c0b728dfc7a631c74f7b99
SSDEEP: 6144:WAsBZRjd0+yiRUeq2KdtlHrsk9/u6r89sMT3QrEY:m5+iRUefKzlHrbtu6rJMbQD
Static task: static1
Behavioral task: behavioral1
Sample: b94410f72a616a50600c2a45dcef47961b427b15c3b535baf447ae60895e5ded.exe
Resource: win7-20220901-en
Malware Config
Targets
Target: b94410f72a616a50600c2a45dcef47961b427b15c3b535baf447ae60895e5ded
- Modifies firewall policy service
- Sets file execution options in registry
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Adds Run key to start application
- Drops desktop.ini file(s)
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext