General
Target: 7C9805C8B00E8154700E1CAFEF63CD4D62152B2EC5BEC.exe
Size: 384KB
Sample: 230223-2wntcahd54
MD5: a10dc6b42cc3fb9760bab497980660c8
SHA1: f33d25561d78ae7c4f6ba273582aae78f08726fd
SHA256: 7c9805c8b00e8154700e1cafef63cd4d62152b2ec5bec038d7e32c9f128eca9e
SHA512: a9bef4307ed352bdc4d10d445f8ec6fb7e006360f2e1406ee910d1ce90590fd9619a0b9570c4371e534e2bc67f663af2148ec1090b352ce71de38292471da532
SSDEEP: 6144:TniQx54q/PzfXxbtFy9mZ9Ohnc3sHysGuiIirvdg109zMSqoL:TnVx55rfXU9mcuVhIirvdcf/Q
Static task: static1
Behavioral task: behavioral1
    Sample: 7C9805C8B00E8154700E1CAFEF63CD4D62152B2EC5BEC.exe
    Resource: win7-20230220-en
Behavioral task: behavioral2
    Sample: 7C9805C8B00E8154700E1CAFEF63CD4D62152B2EC5BEC.exe
    Resource: win10v2004-20230220-en
Malware Config
Targets
Target: 7C9805C8B00E8154700E1CAFEF63CD4D62152B2EC5BEC.exe
Modifies firewall policy service
Sets file execution options in registry
Checks BIOS information in registry
    BIOS information is often read in order to detect sandboxing environments.
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger