General
Target: 432bdaebda187fa78b04d6e0ea0baf49cd4747182f336636bf3c6d602b410011
Size: 3.4MB
Sample: 230319-cdqgsage5v
MD5: 4fa9920fcd7a89c599cb5ac1c111264e
SHA1: ac19248d3dc29e559aae3fd4af16cfd7778b2c1d
SHA256: 432bdaebda187fa78b04d6e0ea0baf49cd4747182f336636bf3c6d602b410011
SHA512: 3b66cd31fb4001c41f429614f3a6412813b4317771d10daa610c70a0331d12da7392c7793af4ed8dfb62d81b52f876c7e19051fbc166fcc58590363fc4064e7f
SSDEEP: 49152:gr1c7Kvf8e9HTgXHXayMSTQ5c1ztH9rDDQvOJRg05T0Oa/rm2ho8IucxzrurVlo9:LKvfd94XayMT5sH9M0aS8o9uWyUhHyk
Static task: static1
Malware Config
Targets
Target: 432bdaebda187fa78b04d6e0ea0baf49cd4747182f336636bf3c6d602b410011 (the same file described under General)
- Identifies VirtualBox via ACPI registry values (likely anti-VM). VirtualBox guests expose their ACPI tables under HKLM\HARDWARE\ACPI with the "VBOX__" OEM id, so reading those keys is a cheap way to recognise the hypervisor.
- Checks BIOS information in registry. BIOS information (SystemBiosVersion, VideoBiosVersion under HKLM\HARDWARE\DESCRIPTION\System) is often read in order to detect sandboxing environments, since the strings carry the virtualisation vendor's name on an unhardened guest.
- Executes dropped EXE: the sample writes an executable to disk and runs it.
- Modifies file permissions.
- Suspicious use of SetThreadContext: rewriting another thread's register state outside a debugger is typical of process hollowing and thread-hijacking injection.
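The two registry-based signatures above are simple to reproduce as detection logic. The following is an added example, not part of the report or of any sandbox's own code: it parses constructed registry-access events in an invented "pid|op|key|value|data" line format and tags each process with the same two signatures. The VirtualBox ACPI keys and the BIOS version values are the well-known ones; the list of vendor strings goes beyond VirtualBox (the only hypervisor the report names) and is an assumption.

```python
"""Tag sandbox registry-access events with the two anti-VM signatures above.

Added example; event format and sample data are constructed, not taken from
the report. Registry paths are the VirtualBox ACPI table keys and the BIOS
version values under HKLM\\HARDWARE\\DESCRIPTION\\System.
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple

ANTI_VM_ACPI = "Identifies VirtualBox via ACPI registry values (likely anti-VM)"
BIOS_CHECK = "Checks BIOS information in registry"

# VirtualBox publishes its ACPI tables under these keys; the "VBOX__" OEM id
# is what anti-VM checks look for.
ACPI_VBOX_RE = re.compile(
    r"^HKLM\\HARDWARE\\ACPI\\(DSDT|FADT|RSDT)\\VBOX__", re.IGNORECASE
)
BIOS_KEY = r"HKLM\HARDWARE\DESCRIPTION\System"
BIOS_VALUES = {"systembiosversion", "videobiosversion", "systembiosdate"}
# Vendor strings commonly present in those values on a guest. Assumption: this
# list extends beyond VirtualBox, which is the only hypervisor the report names.
VM_MARKERS = ("VBOX", "VIRTUALBOX", "VMWARE", "QEMU", "BOCHS")

# Constructed sample events: pid 1234 behaves like the sample, pid 5678 is benign.
SAMPLE_EVENTS = r"""
1234|RegOpenKey|HKLM\HARDWARE\ACPI\DSDT\VBOX__||
1234|RegOpenKey|HKLM\HARDWARE\ACPI\FADT\VBOX__||
1234|RegQueryValue|HKLM\HARDWARE\DESCRIPTION\System|SystemBiosVersion|VBOX   - 1
1234|RegQueryValue|HKLM\HARDWARE\DESCRIPTION\System|VideoBiosVersion|Oracle VM VirtualBox Version 6.1.30 VBE Adapter
1234|RegQueryValue|HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion|ProductName|Windows 10 Pro
5678|RegOpenKey|HKLM\SOFTWARE\Classes\.txt||
"""


@dataclass
class RegEvent:
    pid: int
    op: str
    key: str
    value: str
    data: str


def parse_events(text: str) -> List[RegEvent]:
    """Parse the constructed 'pid|op|key|value|data' line format."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        pid, op, key, value, data = line.split("|", 4)
        events.append(RegEvent(int(pid), op, key, value, data))
    return events


def vm_markers_in(data: str) -> List[str]:
    """Return the vendor strings found in a BIOS value, in VM_MARKERS order."""
    upper = data.upper()
    return [m for m in VM_MARKERS if m in upper]


def classify(ev: RegEvent) -> Set[Tuple[str, str]]:
    """Map one event to zero or more (signature, detail) pairs."""
    hits: Set[Tuple[str, str]] = set()
    if ACPI_VBOX_RE.match(ev.key):
        hits.add((ANTI_VM_ACPI, ev.key))
    if ev.key.lower() == BIOS_KEY.lower() and ev.value.lower() in BIOS_VALUES:
        markers = vm_markers_in(ev.data)
        detail = f"{ev.value}={ev.data!r}"
        if markers:
            detail += f" [VM marker: {','.join(markers)}]"
        hits.add((BIOS_CHECK, detail))
    return hits


def triage(events: List[RegEvent]) -> Dict[int, Dict[str, List[str]]]:
    """Group signature hits per pid: {pid: {signature: [details...]}}."""
    report: Dict[int, Dict[str, List[str]]] = {}
    for ev in events:
        for sig, detail in classify(ev):
            details = report.setdefault(ev.pid, {}).setdefault(sig, [])
            if detail not in details:
                details.append(detail)
    return report


if __name__ == "__main__":
    for pid, sigs in triage(parse_events(SAMPLE_EVENTS)).items():
        print(f"pid {pid}:")
        for sig, details in sigs.items():
            print(f"  {sig}")
            for d in details:
                print(f"    {d}")
```

Running the script reports both signatures for pid 1234 (two ACPI key opens and two BIOS value reads, both carrying a VirtualBox marker) and nothing for pid 5678; the ProductName read is deliberately not flagged, because reading the OS version is not by itself an anti-VM check.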