General
-
Target
af4e4ca1e24017e4e668ecddd108fa2ee839062f0683d63854d5c63ef7945c82
-
Size
498KB
-
Sample
221204-nv8v8saf3x
-
MD5
5f9a647deb6b7dbb18296827c397f57f
-
SHA1
bd3af2a69dfdfc76f5283861398969d362343c06
-
SHA256
af4e4ca1e24017e4e668ecddd108fa2ee839062f0683d63854d5c63ef7945c82
-
SHA512
7ea936a260aa5398c5a175de0da29ec96ee264c33b70519f4c9225b4afbcb068572586f5c54ffe5f7e3d353d91cdfcc57a8ac6c66f7c925605939ae14412d0d1
-
SSDEEP
6144:2d9vzDppTr4FGspPL0ixB1xo9JpjaaBUN+UYs2NHE7/Z8yJ1X5BF+oEPX2hjpvTJ:2HvJF+7byRaagOHa/ZvTn3E/2hjprZ
Static task
static1
Behavioral task
behavioral1
Sample
af4e4ca1e24017e4e668ecddd108fa2ee839062f0683d63854d5c63ef7945c82.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
af4e4ca1e24017e4e668ecddd108fa2ee839062f0683d63854d5c63ef7945c82.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
af4e4ca1e24017e4e668ecddd108fa2ee839062f0683d63854d5c63ef7945c82
-
Modifies firewall policy service
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-