General
-
Target
ae06281e8fa994a1746d1f1cda0c708cbf677e33c590185b5c3c16015b8eb0a6
-
Size
700KB
-
Sample
221204-2wzkvagh7t
-
MD5
13a4c3fb51ccef38549b474c0eaf426e
-
SHA1
fecbe98596e6dbe409e485c55a91268bf4c7ab37
-
SHA256
ae06281e8fa994a1746d1f1cda0c708cbf677e33c590185b5c3c16015b8eb0a6
-
SHA512
14d3d5b22579722e4062c8bc0169b64b8c301119ad7c03ab3e54a8e56645da5572206739eac44475333105741ff4b587dd7771e969a0aa9295fe584095832850
-
SSDEEP
12288:FcyqD6ei6SvvJoGbVP+rqQFWeenCCD7Y+eHv/i0iHTcpU5Mi6AZ8nanV4KgzGrP:FcyqD6ei6SvvJos+rNFWeeCCD7peHv63
Static task
static1
Behavioral task
behavioral1
Sample
ae06281e8fa994a1746d1f1cda0c708cbf677e33c590185b5c3c16015b8eb0a6.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
ae06281e8fa994a1746d1f1cda0c708cbf677e33c590185b5c3c16015b8eb0a6.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
ae06281e8fa994a1746d1f1cda0c708cbf677e33c590185b5c3c16015b8eb0a6
-
Size
700KB
-
MD5
13a4c3fb51ccef38549b474c0eaf426e
-
SHA1
fecbe98596e6dbe409e485c55a91268bf4c7ab37
-
SHA256
ae06281e8fa994a1746d1f1cda0c708cbf677e33c590185b5c3c16015b8eb0a6
-
SHA512
14d3d5b22579722e4062c8bc0169b64b8c301119ad7c03ab3e54a8e56645da5572206739eac44475333105741ff4b587dd7771e969a0aa9295fe584095832850
-
SSDEEP
12288:FcyqD6ei6SvvJoGbVP+rqQFWeenCCD7Y+eHv/i0iHTcpU5Mi6AZ8nanV4KgzGrP:FcyqD6ei6SvvJos+rNFWeeCCD7peHv63
-
Modifies firewall policy service
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-