General
Target: b383c6c6c1755994e049ba277cf75bc0.exe
Size: 300KB
Sample: 221208-c6e7hsbg8w
MD5: b383c6c6c1755994e049ba277cf75bc0
SHA1: 37b896c4c6aeb6ea834b2ed34ad834cab6bbd7d6
SHA256: bfef5eb79a8b5694698623d9263cda2000bf1e205246d6030ad06bf20e7a8d51
SHA512: 702e5f3edd0f5ab03556fa1624c721c0cbd784fca460ec3ea77993ff3f447b9ba71c74ebfb8dcc03e7e05bec5704f201e06722e5359ed07ae11338de2100941d
SSDEEP: 6144:K77777777777777777DO+ZtU7eUqgOt9V5lZYMzdRbdD4eW1sZAc/PyAVcXVxc:svU7C5lZYMzdfD9VByAVcnc
Static task
static1
Behavioral task
behavioral1
Sample
b383c6c6c1755994e049ba277cf75bc0.exe
Resource
win7-20220812-en
Malware Config
Targets
-
-
Target
b383c6c6c1755994e049ba277cf75bc0.exe
-
Modifies firewall policy service
-
Sets file execution options in registry
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-