General
Target: 00a1be7e46454a3604aed2b824952e35d49330f2ebc28b9b03c03f0ffd71af89
Size: 9.9MB
Sample: 230125-ly9ktshc8z
MD5: 2656417019396085e92957933d6d5418
SHA1: f2395b39a403f89df2f161ed813b1015729c2308
SHA256: 00a1be7e46454a3604aed2b824952e35d49330f2ebc28b9b03c03f0ffd71af89
SHA512: 7ce74e33879b21863638836a9c67ff995a53bbdbe02e0db452661aa48fccfd4b20cf1cea5a071f0a815745e2eea90756e8465a5db5c4dfe388fdfcb4b0bcd1d5
SSDEEP: 196608:TsSmZJT/bIg7H4F08k8mADBXDlDi65FRH0liLzOYVZ:TYZNbIe4OImADhp265FRUQLzLV
Static task: static1
Behavioral task: behavioral1
Sample: 00a1be7e46454a3604aed2b824952e35d49330f2ebc28b9b03c03f0ffd71af89.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Score: 9/10

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Executes dropped EXE

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Modifies file permissions

Adds Run key to start application