General
Target: 47feab24e4a7a088fcac9a7067cbf318.bin
Size: 4.8MB
Sample: 230319-wctmlabe8z
MD5: 37bf0a36bc2ef2876079f489bf7c0bd2
SHA1: 8d992c36cb9d3f9506d762436897b89d0d722dcc
SHA256: e22d79dad64ac588171dd904f804060252e9b4c690cfb368dca41bf19ecb6b8a
SHA512: f130e28eac6959c3feb3695237852e277535a5e901dafdba934df1cd7fda49d9a184d51cb6b92a4076ca32fb3f45419940357097dddb1198ef59d3858cc2bb8f
SSDEEP: 98304:BrPzlgBzyua5esuzsBpZRn5eZ/dnSRbHING4DsNA+7Lm2hL5Jg8n4CfDbgO:BrPzalLOVLRYZ/WbHOGJNt7LP1JFtLMO
Behavioral task: behavioral1
Sample: 53285fb142e48bd1a568509c8997067370ac4578b3c92d8c3bc75ecdebc2915f.exe
Resource: win7-20230220-en
Malware Config
Targets
Target: 53285fb142e48bd1a568509c8997067370ac4578b3c92d8c3bc75ecdebc2915f.bin
Size: 5.1MB
MD5: 47feab24e4a7a088fcac9a7067cbf318
SHA1: bbe0dcbe7eb3d0fa19b4afb5edff51b7066ec45d
SHA256: 53285fb142e48bd1a568509c8997067370ac4578b3c92d8c3bc75ecdebc2915f
SHA512: 6b3b0e289d06839cfd32327dfa1795368601a789c3dc2a0db9f0cce01001a28a584d5c26ce4e46e9002626a1f3ba318e038578e86f00cff489956aace8b419aa
SSDEEP: 98304:KxNeg5VPsVXSfJHbM+A+PoudLZ1uRhkuoxa4kReiX2+jli:TgTZhHbFddNZ1kroxacUbBi

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
    BIOS information is often read in order to detect sandboxing environments.

Suspicious use of NtSetInformationThreadHideFromDebugger