General

Target: 40e88b99a6b03c16111987fa7aaf98cbb564055f2d822aa213b497ec70232c18
Size: 3.4MB
Sample: 230314-dgfmesfb6t
MD5: a4156d3baec30f5866d6a2403b9341d5
SHA1: 62820b126f3c67487904729897e17ef7bd4e3417
SHA256: 40e88b99a6b03c16111987fa7aaf98cbb564055f2d822aa213b497ec70232c18
SHA512: 3a4e5cac114ed6d9a9fa10ccc1165322e7bfebae19794da69f65f1b9479ef7d74e4bffb2ad1e1aa173a7fc8a04b97a2f1cf465f73d6e3593dcf3c3d9c2cd3ac8
SSDEEP: 98304:lmwMi6hqm+mXHkTiGDsAsQJEwky5CXjcM0Jhv8jYhz:lmRhfv3DG4+vsXjcM0zv8jS
Static task: static1

Malware Config

Targets
Target: 40e88b99a6b03c16111987fa7aaf98cbb564055f2d822aa213b497ec70232c18
Size: 3.4MB
MD5: a4156d3baec30f5866d6a2403b9341d5
SHA1: 62820b126f3c67487904729897e17ef7bd4e3417
SHA256: 40e88b99a6b03c16111987fa7aaf98cbb564055f2d822aa213b497ec70232c18
SHA512: 3a4e5cac114ed6d9a9fa10ccc1165322e7bfebae19794da69f65f1b9479ef7d74e4bffb2ad1e1aa173a7fc8a04b97a2f1cf465f73d6e3593dcf3c3d9c2cd3ac8
SSDEEP: 98304:lmwMi6hqm+mXHkTiGDsAsQJEwky5CXjcM0Jhv8jYhz:lmRhfv3DG4+vsXjcM0zv8jS

- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  Windows exposes the firmware ACPI tables under HKLM\HARDWARE\ACPI, with one subkey per table named after the table's OEM ID. On VirtualBox guests that ID is VBOX__, so the presence of HARDWARE\ACPI\DSDT\VBOX__ (or the FADT/RSDT equivalents) is a cheap hypervisor test.
- Checks BIOS information in registry
  BIOS strings such as HKLM\HARDWARE\DESCRIPTION\System\SystemBiosVersion and VideoBiosVersion are often read to detect sandboxing environments, since stock hypervisor firmware usually embeds a vendor identifier (VBOX, VirtualBox, VMware, QEMU, Bochs) in them.
- Executes dropped EXE
- Modifies file permissions
- Suspicious use of SetThreadContext
  Overwriting another thread's context is the usual final step of process hollowing or thread hijacking, often against the dropped executable; the report records the API use only, not what was written into the target.
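The two registry checks flagged above, written out as an added example (this is not code recovered from the sample, nor the sandbox's signature logic). The registry is modelled as a plain dict of key path to value-name/value so the logic runs offline against constructed snapshots; on Windows, read_live_registry() fills the same shape from HKLM via winreg. The ACPI key names and BIOS value names are the well-known VirtualBox ones; the exact marker list a given sample matches against is an assumption.

```python
"""Registry-based anti-VM checks of the kind the report flags (added example,
not the sample's own code). Registry model: {key_path: {value_name: value}}."""
import sys

# Substrings hypervisor firmware leaves in BIOS strings (public vendor identifiers
# for VirtualBox, VMware, QEMU/Bochs and Xen); which ones any particular sample
# matches is an assumption.
VM_BIOS_MARKERS = ("VBOX", "VIRTUALBOX", "INNOTEK", "VMWARE", "QEMU", "BOCHS", "XEN")

# VirtualBox publishes its ACPI tables with OEM ID "VBOX  "; Windows exposes each
# table under HKLM\HARDWARE\ACPI as a subkey named after that OEM ID.
ACPI_VBOX_KEYS = (
    r"HARDWARE\ACPI\DSDT\VBOX__",
    r"HARDWARE\ACPI\FADT\VBOX__",
    r"HARDWARE\ACPI\RSDT\VBOX__",
)

# (key, value name) pairs holding BIOS strings commonly inspected by anti-sandbox code.
BIOS_VALUES = (
    (r"HARDWARE\DESCRIPTION\System", "SystemBiosVersion"),
    (r"HARDWARE\DESCRIPTION\System", "VideoBiosVersion"),
    (r"HARDWARE\DESCRIPTION\System\BIOS", "SystemManufacturer"),
    (r"HARDWARE\DESCRIPTION\System\BIOS", "SystemProductName"),
)


def _as_strings(value):
    """Normalise a REG_SZ (str) or REG_MULTI_SZ (list of str) value to a list of str."""
    if value is None:
        return []
    if isinstance(value, (list, tuple)):
        return [str(v) for v in value]
    return [str(value)]


def acpi_indicators(registry):
    """Return the VirtualBox ACPI table keys present in the registry snapshot."""
    return [key for key in ACPI_VBOX_KEYS if key in registry]


def bios_indicators(registry):
    """Return (key, value_name, marker) for every BIOS string containing a VM marker."""
    hits = []
    for key, name in BIOS_VALUES:
        for text in _as_strings(registry.get(key, {}).get(name)):
            upper = text.upper()
            for marker in VM_BIOS_MARKERS:
                if marker in upper:
                    hits.append((key, name, marker))
                    break  # one hit per string is enough
    return hits


def looks_like_vm(registry):
    """The go/no-go decision a sample makes before unpacking its real payload."""
    return bool(acpi_indicators(registry) or bios_indicators(registry))


def read_live_registry():
    """On Windows, build the same dict shape from HKLM via winreg; elsewhere return {}."""
    if sys.platform != "win32":
        return {}
    import winreg  # only importable on Windows
    snapshot = {}
    for key in ACPI_VBOX_KEYS:
        try:
            winreg.CloseKey(winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, key))
            snapshot[key] = {}  # key exists; its contents are irrelevant to the check
        except OSError:
            pass
    for key, name in BIOS_VALUES:
        try:
            with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, key) as handle:
                snapshot.setdefault(key, {})[name] = winreg.QueryValueEx(handle, name)[0]
        except OSError:
            pass
    return snapshot


# Constructed snapshots (not captured from a real host) so the checks run offline.
VBOX_SNAPSHOT = {
    r"HARDWARE\ACPI\DSDT\VBOX__": {},
    r"HARDWARE\ACPI\FADT\VBOX__": {},
    r"HARDWARE\DESCRIPTION\System": {
        "SystemBiosVersion": ["VBOX   - 1"],
        "VideoBiosVersion": ["Oracle VM VirtualBox Version 6.1.40 VGA BIOS"],
    },
    r"HARDWARE\DESCRIPTION\System\BIOS": {
        "SystemManufacturer": "innotek GmbH",
        "SystemProductName": "VirtualBox",
    },
}
BAREMETAL_SNAPSHOT = {
    r"HARDWARE\DESCRIPTION\System": {
        "SystemBiosVersion": ["LENOVO - 1490"],
        "VideoBiosVersion": ["Intel Video BIOS"],
    },
    r"HARDWARE\DESCRIPTION\System\BIOS": {
        "SystemManufacturer": "LENOVO",
        "SystemProductName": "20XW",
    },
}

if __name__ == "__main__":
    for label, snap in (("vbox", VBOX_SNAPSHOT), ("baremetal", BAREMETAL_SNAPSHOT),
                        ("live", read_live_registry())):
        print(label, looks_like_vm(snap), acpi_indicators(snap), bios_indicators(snap))
```

Sandbox operators defeat exactly these checks by patching the DMI and ACPI OEM strings the guest firmware reports, which is why the report labels the behaviour "likely anti-VM" rather than a confirmed evasion: whether the sample bails out depends on how the analysis VM was hardened.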