General
-
Target
Bark (1).exe
-
Size
230KB
-
Sample
230315-tbh4csgc6t
-
MD5
f855cb3375f71c3d61e7432e7fb0b185
-
SHA1
d66995179269fd66c143022f28b371a2ce042c4e
-
SHA256
bd30b36cf30266e1b4c8f7d8bb082ebbc7b97d42ba36dc5e80f5793bc58f6e42
-
SHA512
a7a952ea8e9a8af67f6f6ef9ec8aca079745da70b5f118fea44cac0d169238321b05bd6ef889dab6bcc190e47c2114ab61ec4e32a1bd4a87eccb792e803f7141
-
SSDEEP
6144:sQgJNRlxJyQTjA43Qv2rvgoQRlxJyQTjA43QvV8F3:GJNRlLynLoQRlLynWF
Static task
static1
Behavioral task
behavioral1
Sample
Bark (1).exe
Resource
win7-20230220-en
Malware Config
Targets
-
-
Target
Bark (1).exe
-
Size
230KB
-
MD5
f855cb3375f71c3d61e7432e7fb0b185
-
SHA1
d66995179269fd66c143022f28b371a2ce042c4e
-
SHA256
bd30b36cf30266e1b4c8f7d8bb082ebbc7b97d42ba36dc5e80f5793bc58f6e42
-
SHA512
a7a952ea8e9a8af67f6f6ef9ec8aca079745da70b5f118fea44cac0d169238321b05bd6ef889dab6bcc190e47c2114ab61ec4e32a1bd4a87eccb792e803f7141
-
SSDEEP
6144:sQgJNRlxJyQTjA43Qv2rvgoQRlxJyQTjA43QvV8F3:GJNRlLynLoQRlLynWF
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-